Re: Securing your Sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



ALL of them should report trojan if you download them to your cache but
only should be an issue if you have PHP installed on that machine and
then execute that code in your own php server.

They are all trojans/back door.

But if you view the source then you aren't going to bork yourself.

As they are now all tar.gz the AV scanners should all catch them as
trojans, so you will need to tell your scanner to all you to access that
folder, save it to your local drive and view the source in your favorite
text editor to look at them.

Wolf

Dan Parry wrote:
>> -----Original Message-----
>> From: Wolf [mailto:LoneWolf@xxxxxxxxx]
>> Sent: 17 December 2007 16:00
>> To: admin@xxxxxxxxxxxxxxxxxxx
>> Cc: php-general@xxxxxxxxxxxxx
>> Subject: Re:  Securing your Sites
>>
>> Funny, they should all be PHPS, source only and my last check only did
>> them on the source viewing.  None of them are executable in that
>> folder.
>>
>> You got it from elsewhere.
> 
> Sorry, update
> 
> Scanning with AVG reveals that c99-2, 3 and 4 report backdoor Trojan infections but it occurs to me that maybe AVG is just finding the malicious payload you are demonstrating?
> 
> I'd like to thank you for supplying the source for these exploits... If I've made a mistake and compounded an incorrect situation I do apologise
> 
> Dan
> 
>> admin@xxxxxxxxxxxxxxxxxxx wrote:
>>> I want to personally thank you for 6 hours of work to remove the
>>> PHP-Back-door Trojan, that download from your site to my PC while
>> viewing that POS you call a help line.
>>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.503 / Virus Database: 269.17.4/1187 - Release Date:
>> 16/12/2007 11:36
>>
> 
> No virus found in this outgoing message.
> Checked by AVG Free Edition. 
> Version: 7.5.503 / Virus Database: 269.17.4/1187 - Release Date: 16/12/2007 11:36
>  
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux