wp_uploader.php: Simple and Effective Uploader
It takes less than 100 characters of PHP code to create an uploader that can be placed on a compromised website to act as a backdoor.
DarkClownSecurity Web Shell
How a PHP web shell uses basic functions like tempname, require, and urldecode to remain lowkey.
Prestashop Backdoor - SuperAdmin Injector
A malware injection used to automatically inject a SuperAdmin user into the Prestashop _employees database table.
Magento Multiversion Backdoor
Magento’s continued migration from 1.x to 2.x versions has led malware authors to modify existing malicious tools to accomodate for the major differences between these Magento versions.
How-to Use A PHP Backdoor ‘One-liner’ and How It Evades Detection
How do hackers use a PHP backdoor that is injected into a single line of code in a website’s file? Why is it better at evading malware scanners than other PHP backdoors?