Anti-WebShell PHP Backdoor Scanner pada Linux Server

Christian Ronaldo Sopaheluwakan(1*); Dian Widiyanto Chandra(2);

(1) Universitas Kristen Satya Wacana
(2) Universitas Kristen Satya Wacana
(*) Corresponding Author



Backdoor or commonly also known as web shell is one of the malicious software that hackers use to maintain access systems that they have entered. Relatively few programs like Anti Web-Shell, PHP Backdoor Scanner circulating on the Internet, and can be obtained free of charge to deal with the issues above. But most of these programs have no actual database of signature behavior to deal with PHP backdoor / Shell nowadays. Then comes the contemporary Anti Web-Shell program that can deal with today's backdoor shell. This study uses an experimental method concerning previous similar studies and is implemented directly into the world of cyber security professional industries. By enriching the Regex dictionary signature and String Array Matching the actualized Anti Web-Shell program can detect more backdoor than similar programs that have existed in the past. The results of this study are in the form of a web application software in PHP extension. The application can minimize 100% of false positives and is twice as fast in scanning files because it is more specific in heuristic analysis scan.


Anti Web Shell; Backdoor Scanner; Backdoor Shell; Network Security; Linux Server


Full Text:


Article Metrics

Abstract view: 4167 times
PDF view: 882 times

Digital Object Identifier




T. S. Hartono, “Amankan Website Anda Dari ‘Defacement,’” 2011. (accessed Apr. 13, 2019).

U. Ite and H. Pidana, “Kejahatan Defecting :,” vol. 3, pp. 143–159, 2015.

C. Camilo, U. López, M. G. Peña, J. Luis, O. Quintero, and A. Estado, “Antidefacement - State of art,” vol. 14, pp. 9–27, 2016, doi: 10.18046/syt.v14i39.2341.

B. Ghozali, M. Teknik, I. Universitas, and A. Yogyakarta, “Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp ( Open Web Application Security Project ) untuk Penilaian Risk Rating,” pp. 264–275.

J. Javier, B. Andrade, and D. Gan, “A Forensics Investigation into Attacks on Linux Servers.”

S. Kumar and D. Agarwal, “Hacking Attacks , Methods , Techniques And Their Protection Measures,” vol. 4, no. 4, 2018.

P. H. P. W. Shell and G. Supriyatno, “Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks,” vol. 12, no. 12, pp. 1057–1063, 2018.

T. A. Cahyanto, V. Wahanggara, and D. Ramadana, “Analisis dan Deteksi Malware Menggunakan Metode Malware Analisis Dinamis dan Malware Analisis Statis,” pp. 19–30.

N. I. Widiastuti and M. Iqbal, “Basic Static Code Analysis Untuk Mendeteksi Backdoor Shell Pada Web Server,” J. INFOTEL, vol. 9, no. 2, p. 177, 2017, doi: 10.20895/infotel.v9i2.209.

T. Wijayanto, A. Susilo, T. Wijayanto, and A. Susilo, “Implementasi Backdoor Scanner Tool Menggunakan Metode Carving File Pada Server Codepolitan,” pp. 141–148, 2017.

O. W. Purbo, Keamanan Jaringan. Jakarta, 2011.

M. Universitas, B. Darma, D. Universitas, B. Darma, J. A. Yani, and N. Plaju, “Analisis Pendeteksian dan Pencegahan Serangan Backdoor Pada Layanan,” no. 12, pp. 1–10.

Ali Mahmudi, “Sistem keamanan jaringan mendeteksi backdooruntuk menemukan celah dan exploitspada web server menggunakan teknik IDS (Intrusion Detection System),” Simki-Techsin, vol. 01, no. 04, pp. 1–10, 2017, [Online]. Available:

H. Alnabulsi, “Textual Manipulation for SQL Injection Attacks,” pp. 26–33, 2014, doi: 10.5815/ijcnis.2014.01.04.

J. Komputasi, “Pembangunan Sistem Operasi Berbasis Linux Menggunakan Metode Linux From Scratch,” vol. 1, no. 2, pp. 30–37, 2014.

T. M. Aji, D. E. Riyanto, and H. A. Wibawa, “Penerapan web services dan regular expression untuk verifikasi alamat berbasis hasil penelusuran,” vol. 1, no. 1, pp. 38–51, 2012.


  • There are currently no refbacks.

Copyright (c) 2020 Christian Ronaldo Sopaheluwakan, Dian Widiyanto Chandra

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.