A backdoor is software that is used to illegally access a system. It can be embedded in an application or a network and bypasses the authentication process, so the attacker can enter the system without authenticating with a username and password. This method is usually used to test the vulnerability of a system or network.
In its early days, the backdoor was used by developers to facilitate access to applications, so that a crash, error, or bug could be resolved quickly. Over time, however, the backdoor came to be used for negative purposes, namely to exploit the users of the application, so it can be classed as malware.
The backdoor became famous after Edward Snowden revealed a National Security Association (NSA) document in 2013 showing that the NSA had given an order to install backdoors in electronic products, making it easier for the NSA to access the data it needed. One case was when the NSA weakened the NIST SP800-90 encryption algorithm, Dual EC PRNG.
Function
Broadly speaking, a backdoor's function is to give access to the user device on which the backdoor has been implanted. It can take the form of an application or a file into which a backdoor has been inserted. In general, backdoors are implanted in illegal or pirated applications. An example is taking over server access in order to carry out data theft, server hijacking, web destruction, putting malware on websites, or Distributed Denial of Service (DDoS) attacks.
Backdoor types

  1. Backdoor Web Shell
    Uses syntax or text command input on a web page that can execute that input.
  2. System Backdoor
    This backdoor is the most commonly used because it gives the perpetrators convenience and flexibility in exploiting their victims. It takes the form of malware.

Resolve
Activate the firewall. By activating a website firewall for any device, you will block unauthorized users (or users without permission) so that they cannot retrieve data from your website and device.
Use anti-virus software. Make sure that your anti-virus has been updated to the latest version. Also, make sure that your computer’s operating system and the programs on your laptop are updated to the latest version. That way, they can avoid attacks.
Be careful with the email you receive. Even though the email you received came from someone you know, hackers can pretend to be that person so they can get access to your laptop. Look for an anti-virus that can do an email scan and first scan each attachment before you open the email so that you are not exposed to the backdoor or other attacks.
Overcoming backdoors on web hosting
In web hosting there are several things you can do to clean the backdoor. Here are some checks that can be done for backdoor handling.
• Remove themes that are not used, and use only original and trusted themes.
• Check the .htaccess file and make sure it contains no redirect script.
• Check the wp-config.php file so that it is the same as the wp-config-sample.php file in the configuration.
Look for files that contain a backdoor
This step is sometimes useful for cleaning up after an attack on a web hosting server. The goal is to find out whether a script is still embedded in a file in one of the folders. The problem is that there are a lot of folders and files stored, ranging from hundreds of megabytes to several gigabytes.
One way to look for pieces of code in the files on the server is to use a text-search command. On Linux, the grep command can be used to search for pieces of script inside files.
Grep already exists on every Linux system, so there is no need to install it. The website files that you want to check must be downloaded first.
Looking for the passthru Command Line Using Linux
The following command line searches all folders and files in public_html for lines that contain a passthru call.
$ grep -Rn "passthru *(" public_html/
If you want to save the results of the search to a file, you can use the following command.
$ grep -Rn "passthru *(" public_html/ >> result.txt
Searching for the passthru Command Line Using Windows
If you use the Windows operating system, there are also commands that can be used to check lines of code. Where Linux uses grep, Windows uses findstr.
$ findstr /r /s /n /c:"passthru *(" *.*
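
The searches above, together with the earlier .htaccess check, can be combined into one triage script. This is an added example, not part of the original article: it goes beyond passthru to other PHP calls often seen in web shells (that list, the function names and the sample files are assumptions of this example), and it assumes a grep that supports --include.

```shell
#!/bin/sh
# Added example (not from the article): triage a downloaded webroot.
# The PHP function list beyond passthru is this example's assumption.
SUSPECT='passthru|shell_exec|system|exec|popen|proc_open|eval|base64_decode'

# scan_php DIR: print file:line:text for each suspect call in PHP-like files.
# The leading group stops "exec" from matching inside curl_exec().
scan_php() {
    grep -RInEi --include='*.php' --include='*.phtml' --include='*.inc' \
        -e "(^|[^[:alnum:]_])(${SUSPECT})[[:space:]]*\\(" "$1" || true  # no hits is not an error
}

# scan_htaccess DIR: print redirect/rewrite rules that point at an absolute URL.
scan_htaccess() {
    grep -RInEi --include='.htaccess' \
        -e '^[[:space:]]*(Redirect|RedirectMatch|RewriteRule)[[:space:]].*https?://' "$1" || true
}

# count_flagged DIR: number of distinct files with at least one suspect call.
count_flagged() {
    scan_php "$1" | cut -d: -f1 | sort -u | wc -l | tr -d ' '
}

# make_sample DIR: write constructed sample files (not real malware) for a dry run.
make_sample() {
    mkdir -p "$1/themes/old" "$1/uploads" "$1/lib"
    printf '%s\n' '<?php passthru ( $cmd ); ?>'        > "$1/themes/old/footer.php"
    printf '%s\n' '<?php EVAL(base64_decode($x)); ?>'  > "$1/uploads/img.php"
    printf '%s\n' '<?php $r = curl_exec($ch); ?>'      > "$1/lib/util.php"
    printf '%s\n' '<?php // passthru was removed here' > "$1/index.php"
    printf '%s\n' 'RewriteRule . /index.php [L]' \
        'RewriteRule ^(.*)$ http://example.invalid/$1 [R=302,L]' > "$1/.htaccess"
}

# Dry run on the constructed sample; point the functions at public_html for real use.
demo=$(mktemp -d)
make_sample "$demo"
echo "PHP hits:";       scan_php "$demo"
echo ".htaccess hits:"; scan_htaccess "$demo"
echo "Files flagged: $(count_flagged "$demo")"
rm -rf "$demo"
```

A hit is a lead for manual review, not proof of a backdoor: legitimate plugins also call some of these functions, so compare flagged files against a clean copy of the same theme or plugin.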
