Dailydave mailing list archives

Re: On "Application Level Rootkits"

From: Sebastian Krahmer <krahmer () suse de>
Date: Thu, 1 Feb 2007 10:30:28 +0100 (CET)

On Wed, 31 Jan 2007, LMH wrote:

I just wrote down some thoughts about curious backdoors
a few days ago:
http://c-skills.blogspot.com/2007/01/good-side-of-spam.html
The syslog backdoor existst, is straight forward but I dont know
how to proper do the tabs within the blog :)

Sebastian

I'm curious if someone else has ever done work around a PHP extension
backdoor. I've been checking code around and it seems to be a nice
possibility.

Drop the extension and have the target host send a blue haired Goatse
image when a specific token is passed via the query string to any PHP
script. Or something else more fruitful.

-- Lance.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave


-- 
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer () suse de - SuSE Security Team
~

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

On "Application Level Rootkits" LMH (Jan 31)
- Re: On "Application Level Rootkits" Sebastian Krahmer (Feb 01)