{"id":1780,"date":"2023-11-04T08:47:35","date_gmt":"2023-11-04T08:47:35","guid":{"rendered":"https:\/\/matob.web.id\/random\/?p=1780"},"modified":"2023-11-04T08:47:35","modified_gmt":"2023-11-04T08:47:35","slug":"backdoor","status":"publish","type":"post","link":"https:\/\/matob.web.id\/random\/backdoor\/","title":{"rendered":"What is a Backdoor? Explanation and How to Resolve"},"content":{"rendered":"<p>In this article I will explain what a <em>backdoor<\/em> is and what types of <em>backdoors<\/em> currently exist. In addition, how to create a <em>backdoor<\/em> will also be explained in the second part. At the end of the article there is a <em>backdoor<\/em> fix that you can try to secure your Linux server.<\/p>\n<h2><span>What is a Backdoor?<\/span><\/h2>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-1785 aligncenter\" src=\"https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/12\/backdoor-1.jpg\" alt=\"backdoor \" width=\"620\" height=\"427\" title=\"\"><\/p>\n<p><span>In a software or computer system, a backdoor is an undocumented portal. This portal allows administrators to log in to the system to perform troubleshooting or maintenance.<\/span><\/p>\n<p><span>However, the term backdoor is more often used in the context of hacking. In hacking, a backdoor is a secret portal used by hackers and intelligence agencies to gain unauthorized access to software, websites, or computer systems.<\/span><\/p>\n<p><span>The term backdoor does have several meanings. But the popular definition of a backdoor usually refers to an access point that is legally embedded in a system or software program for remote administration.<\/span><\/p>\n<p><span>Usually, such undocumented backdoors are used to maintain software or systems. Some administrative backdoors are usernames and passwords that are hardcoded and cannot be changed, although some
use credentials that can be changed.<\/span><\/p>\n<p><span>The system owner is not necessarily aware of a backdoor. The one who usually knows for sure is the software maker. A built-in admin backdoor actually makes a system or software vulnerable to hackers who want to gain access to the system or data.<\/span><\/p>\n<p><span>Attackers can also install their own backdoor on the targeted system. That way, they can freely enter and leave the system.<\/span><\/p>\n<p><span>Not only that, they can also access the system remotely. Malware that is installed specifically for this is usually called a remote access Trojan (RAT) and can be used to install other malware on the system.<\/span><\/p>\n<p><span>Backdoors became famous after Edward Snowden leaked documents of the American National Security Agency (NSA) in 2013.<\/span><\/p>\n<p><span>According to these documents, the NSA asked electronics companies to install backdoors in their products, especially companies that use encryption systems. Such a secret backdoor allows intelligence agencies to read the system and data on the product.<\/span><\/p>\n<p><span>One of the most controversial backdoor cases was the NSA&#8217;s attempt to weaken an encryption algorithm known as the NIST SP 800-90 Dual EC PRNG so that data encrypted with that algorithm could be opened by the NSA.<\/span><\/p>\n<h2><span>Why Are Backdoors Dangerous?<\/span><\/h2>\n<p><img decoding=\"async\" class=\"size-full wp-image-1784 aligncenter\" src=\"https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/12\/backdoor-hacker.jpg\" alt=\"backdoor hacker\" width=\"1280\" height=\"720\" title=\"\" srcset=\"https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/12\/backdoor-hacker.jpg 1280w, https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/12\/backdoor-hacker-768x432.jpg 768w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p><span>As
explained above, backdoors have become a hot topic of discussion because of the danger of the hidden access they provide. But there are a few more things that make backdoors dangerous.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>DDoS (Distributed Denial of Service) attacks<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>One of the most serious threats is a DDoS attack, or Distributed Denial of Service. This attack occurs when a hacker makes the server send various packets to one destination.<\/span><\/p>\n<p><span>This attack makes a machine or network unable to work properly because the amount of traffic is too high.<\/span><\/p>\n<p><span>Denial of service becomes distributed when several machines around the world participate in the attack at the same time. In this case, hackers will have backdoors in many systems that can be used to perform DDoS. Servers that then participate in the attack may be blacklisted in the end.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Malware Distribution<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>By installing a backdoor on a web server, a hacker can distribute malware to website visitors. The malware that is commonly distributed is ransomware or adware, which hackers can take advantage of.<\/span><\/p>\n<p><span>If your website is hit by this attack, your website will be blocked directly by browsers such as Chrome and Opera.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Data Theft<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>This is the most frequently discussed backdoor hazard. In this case, the backdoor is a way for hackers to access the web server from time to time to steal important information from the server, such as customer data, or to use the server as a pivot point to steal from adjacent networks.<\/span><\/p>\n<p><span>Hackers usually do this clandestinely. In fact, you may not notice anything wrong with your server at
all.<\/span><\/p>\n<p><span>Finding such backdoors is difficult, not only because they can use advanced techniques, but because you may not even know they are there.<\/span><\/p>\n<p><span>One way to find such backdoors is to periodically check the appropriate logs. Also, securing the server is the best way to prevent hacking.<\/span><\/p>\n<h2><span>How to Avoid Backdoors?<\/span><\/h2>\n<p><span>There are several things you can do to keep your website and device safe from backdoors.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Enable a firewall to prevent backdoors<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>By activating a website firewall, regardless of device, you block unauthorized users (users without permission) so that they cannot retrieve data from your website and device.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Be careful with open-source software<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>If you choose to use open-source software, make sure that the software you use gets a good rating and is said to be safe. Even when open-source software is official from the brand, there are many hidden backdoors that can steal information or even control your system.<\/span><\/p>\n<p><span>Hackers also know that changing software code can give them backdoor access to other computers or networks.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Use anti-virus software<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>Make sure that your anti-virus is updated to the latest version. Also, make sure that your computer&#8217;s operating system and the programs on your laptop are updated to the latest version. That way, they can fend off attacks.<\/span><\/p>\n<ul>\n<li>\n<h3><strong><span>Be careful with the emails you receive<\/span><\/strong><\/h3>\n<\/li>\n<\/ul>\n<p><span>Even if the email you receive appears to be from someone you know, hackers can pretend to be that person so they can gain access to your laptop.<\/span><\/p>\n<p><span>Look
for an anti-virus that can scan email, and scan every attachment before you open it, so that you are not exposed to backdoors or other attacks.<\/span><\/p>\n<h2><strong>Backdoor Function<\/strong><\/h2>\n<p>The most widely used backdoor function is to enter the system without having to go through the authentication mechanism. This function is widely used by programmers to get into the system they develop, because a system that is still in development sometimes has many problems, such as sudden stops and other bugs.<\/p>\n<p>Here are some other <em>backdoor<\/em> functions.<\/p>\n<ul>\n<li>\n<h3><strong>Taking over website access rights<\/strong><\/h3>\n<\/li>\n<\/ul>\n<p>What is a <em>backdoor<\/em> for taking over website access rights? Backdoors are currently widely distributed in various applications and features used on a website. The goal is to gain access to the website. What happens once inside depends on the <em>backdoor<\/em> maker, the so-called hacker, because a hacker who can get into the website system can do anything.<\/p>\n<p>There are several ways that can be used to insert a <em>backdoor<\/em> into a website, such as through themes, <strong><em>plugins<\/em><\/strong>, <strong><em>upload folders<\/em><\/strong>, <strong><em>wp-config<\/em><\/strong>, and <strong><em>include folders<\/em><\/strong>. Most of these <em>backdoors<\/em> are even installed by the victims themselves by accident.<\/p>\n<ul>\n<li>\n<h3><strong>Taking over server\/computer permissions<\/strong><\/h3>\n<\/li>\n<\/ul>\n<p>Another thing that is quite dangerous is when hackers successfully put a <em>backdoor<\/em> into the server (which could be a personal device). When the <em>backdoor<\/em> has entered a victim&#8217;s system, hackers can access all folders on the device. Not
infrequently, hackers also commit data theft using this method.<\/p>\n<p>Unlike taking over website access rights, a backdoor is mostly inserted into a device through an application installed by the victim. These applications are generally not recognized as <em>backdoors<\/em>, because hackers give them a plausible program name, even that of a program the victim wants to install.<\/p>\n<p>A <em>backdoor<\/em> on a web server is used to perform malicious activity, including:<\/p>\n<ul>\n<li>Data theft<\/li>\n<li>Server hijacking<\/li>\n<li>Damaging the website<\/li>\n<li>Infecting website visitors with a virus<\/li>\n<li>Performing Distributed Denial of Service (DDoS) attacks<\/li>\n<\/ul>\n<h2><strong>Backdoor Types<\/strong><\/h2>\n<p>Backdoors can be grouped by type.<\/p>\n<ul>\n<li><strong><em>Web Shell Backdoor<\/em><\/strong><\/li>\n<\/ul>\n<p>A web shell backdoor is one way to obtain a backdoor (entrance) through a web shell. What is a web shell? A web shell is a command script placed on a website page that can be used to gain access to the system by executing certain programs.<\/p>\n<ul>\n<li><strong><em>System Backdoor<\/em><\/strong><\/li>\n<\/ul>\n<p><em>System backdoors<\/em> are the most popular of all types of <em>backdoors<\/em>. This type is the main target when planting a <em>backdoor<\/em>, because it provides more flexibility and stability than a <em>web shell backdoor<\/em>.<\/p>\n<h2><strong>Steps to Finding a <em>Backdoor<\/em><\/strong><\/h2>\n<p>For the security of your system, especially an online-based one, there are several things you can do to find and prevent possible <em>backdoors<\/em> attacking your system. In this section I will discuss ways to handle <em>backdoors<\/em> on systems that use the <a
href=\"https:\/\/matob.web.id\/random\/technology\/chown-linux\/\">Linux operating system<\/a> in particular.<\/p>\n<h2><strong>Things to Prepare<\/strong><\/h2>\n<ul>\n<li>A client computer that can be used to access a server or web hosting.<\/li>\n<\/ul>\n<h2><strong>Overcoming <em>Backdoors<\/em><\/strong><\/h2>\n<h3><strong>Overcoming backdoors in web hosting<\/strong><\/h3>\n<p>On <strong>web hosting<\/strong> there are several things that can be done to clean out a backdoor. Here are some checks that can be done for backdoor handling.<\/p>\n<ul>\n<li>Unused themes are best removed; use only original and trusted themes.<\/li>\n<li>Check the <em><strong>.htaccess<\/strong><\/em> file, making sure there are no <strong><em>redirect scripts<\/em><\/strong>.<\/li>\n<li>Check that the configuration in the wp-config.php file matches the <strong><em>wp-config-sample.php<\/em><\/strong> file.<\/li>\n<\/ul>\n<h3><strong>Find Files Containing a Backdoor<\/strong><\/h3>\n<p>This step is sometimes useful for post-attack handling on web hosting servers. The goal is to find out if there are still <em>scripts<\/em> embedded in a file in one of the folders. The problem is that there are a lot of folders and files stored, ranging from hundreds of megabytes to a few <em>gigabytes<\/em>.<\/p>\n<p>One way you can find a snippet of code in one of the server files is to use the command line. On Linux there is a <em>grep<\/em> command that can be used to find snippets of script in a file.<\/p>\n<p>Grep is already included in every <a href=\"https:\/\/www.linux.org\/\" target=\"_blank\" rel=\"noopener\">Linux<\/a> system, so there is no need to install it. The website files that you want to check must be downloaded first.<\/p>\n<h4><strong>Finding the Passthru Command Line Using Linux<\/strong><\/h4>\n<p>The following command line is used to search for all
folders and files contained in public_html that contain <strong><em>passthru<\/em><\/strong> calls.<\/p>\n<blockquote><p><em>$ grep -Rn \"passthru *(\" public_html\/<\/em><\/p><\/blockquote>\n<p>If you want to save the results of a search into a file, you can use the following command.<\/p>\n<blockquote><p><em>$ grep -Rn \"passthru *(\" public_html\/ &gt;&gt; hasil.txt<\/em><\/p><\/blockquote>\n<h4><strong>Finding the Passthru Command Line Using Windows<\/strong><\/h4>\n<p>If you are using a Windows operating system, there are also commands that can be used to check lines of code. Where Linux uses grep, Windows uses <em>findstr<\/em>.<\/p>\n<blockquote><p><em>&gt; findstr \/r \/s \/n \/c:\"passthru *(\" *.*<\/em><\/p><\/blockquote>\n<p>These two methods are just one example of several things that can be done to deal with backdoor issues.<\/p>\n<h2><strong>Closing<\/strong><\/h2>\n<p>This article has explained what a backdoor is and how a backdoor works. Although simple, <em>backdoors<\/em> are <em>tools<\/em> that can be fatal for system administrators, because they can forcibly take over access rights to the system.<\/p>\n<p>There are several precautions that can be taken to deal with backdoors. But the simplest thing you can do is to minimize the use of untrusted files or folders, because some website themes, for example, have a backdoor embedded in them.<\/p>\n<p>Hopefully this article on what a <em>backdoor<\/em> is can be useful.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this article I will explain what a\u00a0backdoor is\u00a0and what types of\u00a0backdoors\u00a0currently exist.\u00a0In addition, how to create
a\u00a0backdoor\u00a0will also be explained in the second part.\u00a0At the end of the article there is a\u00a0backdoor\u00a0fix\u00a0that you can try to secure your Linux server. What is Backdoor? Understanding Backdoor in a software or computer system is an undocumented [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1783,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-1780","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1780","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/comments?post=1780"}],"version-history":[{"count":1,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1780\/revisions"}],"predecessor-version":[{"id":2401,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1780\/revisions\/2401"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/media\/1783"}],"wp:attachment":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/media?parent=1780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/categories?post=1780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/tags?post=1780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}