Google Search: intitle:”PHP Shell *” “Enable stderr” filetype:php
juventini rates this entry 8 out of 10.
Submitted: 2004-07-12 11:25:44
Added by: juventini
PHP Shell is a shell wrapped in a PHP script. It’s a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.If these shells aren’t protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword “enable stderr”.
2004-07-18 07:45:33 (murfie): Most phpshells have been found by administrators..
Alternative search syntax might be:
<"Enable stderr" filetype:php inurl:"work_dir">
This works in case if the default Title has been changed.