Automatic detection of obfuscated code for backdoors in web pages
Automated identification of obfuscated backdoors in web pages
Keywords: Obfuscation; Deobfuscation; Backdoors; PHP; Web shell; Inotify; Shell detector; Shell libraries; UnPHP
This thesis focuses on the automatic identification of modified malicious code that aims to compromise the system hosting it. First, examples are used to describe how a file can be modified so that its operation is not obvious. Next, the practical application created for the purposes of this thesis is analyzed: its function, the tools that comprise it, and its execution sequence are described. After all aspects have been analyzed, examples of the application's use are presented together with the results obtained. Finally, conclusions drawn from using the application are presented, and the question of whether it resolved the problem it was designed to solve is addressed.