Backdooring Websites with just 35 bytes

He can easily use it for his own gain if he knows how it works.

Yep, we better implement authentication.

Not anything fancy, we will just introduce a new parameter p which can be used to supply the password, if the supplied value matches our password, the function will execute otherwise not.

Now it is password protected but it has 70 characters now so let’s get back to shortening it.

We will use something called ternary operator, it’s basically a shorthand for a if else block.

Normal: if ($movie == 'marvel'){echo 'y'} else{'n'}With ternary operator: ($movie == 'marvel' ? echo 'y' : echo 'n')Using the ternary operator, we reduced 10 charactersYou know what…we can use $_GET[p] instead of $_GET['p'] .

Yes, PHP allows that and we can strip 8 more chars just like that.

Also, we can remove the unnecessary white space which gives us the followingYay! It has just 47 characters, can we shorten it further? Yes!Actually I was stuck at this point but then Yohanes pointed out a really neat trick, instead of using ternary operator, we can simply do thiscondition&&executeCodeIf condition is satisfied, the code following && will be executed.

Don’t get confused, it’s just the AND operator ;)Great!.It’s has 45 characters now.

Actually, this article isn’t about the best practices, it’s about writing a super tiny web shell so let’s replace passwordwith _It reduces the overall size to 38.

Another PHP fun fact!.<?.is a shorthand for <?php .

Yes, it is turned off by default but luckily <?= is allowed.

So we have the winner!Stop scrolling and take a look at it.

It’s beautiful, isn’t it?I have written another one is a bit more cooler, it’s on my Github.

Well that’s all for today.

Have a nice day!.

. More details

Leave a Reply