A webshell and a normal file that have the same MD5
3 days ago
- #Webshell
- #MD5 Collision
- #Security Bypass
- Repository contains two PHP files with identical MD5 hashes: normal.php and webshell.php.
- Webshell.php includes a PHP webshell that executes code passed via GET parameter.
- Hexdumps provided for both files show their binary content despite identical hashes.
- This technique can potentially bypass cached webshell detection mechanisms.
- Reference link provided to a Chinese article discussing this method.