←back to thread

A webshell and a normal file that have the same MD5

(github.com)
98 points shlomo_z | 1 comments | 21 Sep 25 05:52 UTC | HN request time: 0.329s | source
Show context
Incipient ◴[24 Sep 25 06:04 UTC] No.45356813[source]
The idea here is you can trigger a server to run the "safe" php file, then send it the webshell version, which passes hash based scanning?
replies(2): >>45356897 #>>45357819 #
1. sim7c00 ◴[24 Sep 25 08:46 UTC] No.45357819[source]
the safe file is not a valid php file? it might be executed if php is like javascript ignorning valid chars, but i doubt something actually 'looking at it' would accept it as benign or valid.