A collection of PHP exploit scripts


Mattias Geniar, November 10, 2014


If you’ve been in the hosting business for a while, you start to see your fair share of PHP exploit code: code that’s been uploaded through a CMS exploit and then used to further exploit others (attack other servers, send spam mails, …).

There’s now a GitHub repo where I “collect” these exploit scripts that have been uploaded: PHP Exploit Scripts. It also includes this README file, which pretty much sums it up.

Why do you put these online? They're dangerous!

Yes, obviously. Don't copy them and store them on your own server.
These are scripts found on hacked systems, so they're used to exploit
the server and abuse some kind of vulnerability.

They are indeed dangerous in themselves. But if anyone can exploit a
server or CMS, they can upload far more dangerous tools than these PHP
scripts.

This repo does not contain any info or guides on how those files have been uploaded or what exploit on the CMS was being used. This is merely the result: what does an “attacker” do, what files do they upload, once they have found a method of copying PHP code to the remote server.

Interested? Have a look at the GitHub repo: mattiasgeniar/php-exploit-scripts.


