PHP – Fully Undetectable Web Shell

Today, I wanna try to create a simple undetected (hopefully FUD) web shell backdoor. I am using VirusTotal to check it (yes, I want them to check my file, lol).

So, what is FUD?

Fully undetectable (usually shortened as “FUD”) can stand for data that had been encrypted, making it appear to be random noise. It can also stand for software that cannot be detected by anti-viruses when a scan is performed. The term is used in hacker circles to refer to something that appears to be clean to many anti-viruses, even though it is a hacking tool.
Source: https://en.wikipedia.org/wiki/Fully_undetectable

Here is my simple (actually primary) shell without any obfuscation:

And here is the VirusTotal result:

[Image: Simple Shell]

As we can see, my web shell was detected by Avast, AVware and Bkav.

Let's try to obfuscate the shell.

[Image: Obfuscated web shell]

And here is the VirusTotal result:

[Image: FUD web shell]

Cheers..
