On "Application Level Rootkits"

[LMH <lmh () info-pull com>]

I'm curious if someone else has ever done work around a PHP extension
backdoor. I've been checking code around and it seems to be a nice
possibility.

Drop the extension and have the target host send a blue haired Goatse
image when a specific token is passed via the query string to any PHP
script. Or something else more fruitful.

-- Lance.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave