Presentation: Code Obfuscation, PHP shells & more: what hackers do once they get passed your code

Mattias Geniar, Monday, March 31, 2014 - last modified: Thursday, September 14, 2017

I recently gave a presentation titled "Code Obfuscation, PHP shells & more: what hackers do once they get passed your (PHP) code". I've received positive feedback, which is why I think this may be worth sharing. This presentation is based on nearly a decade of experience working at Nucleus.be.

Any comments are greatly appreciated.

If the presentation embed doesn't work, it's viewable online at:

If you'd like to hear this presentation again on a User Group or conference, let me know via @mattiasgeniar or via mail at m@ttias.be.



Hi! My name is Mattias Geniar. 👋 I'm an independent software developer ⌨️ & Linux sysadmin 👨‍💻, a general web geek & public speaker. Currently working on DNS Spy & Oh Dear! Follow me on Twitter as @mattiasgeniar 🐦.

🔥 If you're stuck with a technical problem, I'm available for hire to help you fix it!

Share this post

Did you like this post? Help me share it on social media! Thanks. 🤗

Have feedback?

New comments have been disabled on this blog, existing comments will remain as-is. Want to give feedback? Is there a mistake in the post?

Send me a tweet on @mattiasgeniar!

Comments

Stéphan Saturday, April 5, 2014 at 18:06 -

Just thought I’d stop by and thank you for this awesome share!

I’ve been dealing with largely the same issues these past 4 years.
And have found some great solutions to proactively protect customers that are either too lazy to update their CMS / plugins, or are stuck with an old version because of dependencies.

I’ll add to this by sharing some code deobfuscators I’ve found over these years:

http://ddecode.com/phpdecoder/
http://jonhburn2.freehostia.com/decode/
http://www.whitefirdesign.com/tools/deobfuscate-php-hack-code.html
http://www.unphp.net/