0

About 3 months ago, I used a free PHP app to host my website.
However, I recently unexpectedly found the PHP app contains a PHP web shell by accident.
I am so surprised, and want to know I should how to detect these PHP backdoors before using the php app.

Matt Elson
  • 4,177
  • 8
  • 31
  • 46

2 Answers2

4

You can use http://cirt.net/nikto2

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

rkosegi
  • 14,165
  • 5
  • 50
  • 83
1

A quick way to fix this.

As you mentioned there was a SHELL uploaded on your server., Hence this file must have been gotten inside with some "File Upload or Image Upload" page of your free PHP app.

Go to that page and set the MIME type to accept only IMAGES or DOCUMENTS.

Shankar Narayana Damodaran
  • 68,075
  • 43
  • 96
  • 126