While it’s true that simple “backdoors” often take the form of hidden admin users, generally complex backdoor code is simpler than that. It simply gives the attacker the means to any PHP code they like, usually through the use of the eval command. A simple example would be this: 1 ...
The first step is to set up an HTML form. This is what users will interact with to submit their data. To make the form work with file uploads, you need to set the form’s method to POST. This is because the GET method can’t send files to servers. Next, you must set the form...
However, attackers need to disguise their attacks over the wire as well, to prevent hosts from blocking them. The easy and cheap way to do this is base64 encoding. Base 64 encoding lets them disguise their commands to their hidden “eval” command to be just a random looking string of le...