PaulDotCom mailing list archives

Re: Webshell if anyone wants to look at it


From: Larry Pesce <larry () pauldotcom com>
Date: Tue, 07 Feb 2012 17:11:36 -0500

Adrian, et al:

@Vyrus001 (vyrus () dc949 org) took a crack at it and asked that I forward
this along to the group:

"attached is your web shell mostly unpacked

the other segments are just base64'ed so if u want to see the imgs or
the src code examples u can look. It's a pretty lame shell overall,
upload / download, sql tools, a dll exploit priv esc, typical shell
utils, and a decent file grepper.  I didn't bother to look at the
unprintables in the comments but yea, it's either .cn or .kr

password is password"

On 2/5/12 10:05 AM, Adrian Crenshaw wrote:
Hi all,
    I found this little dingle berry hanging off a shared host box I
control. Not 100% sure how it got there, and the damn logs don't go far
enough back. I plan to have a coworker translate what I think is Chinese
later. Figured I'd give it to you all to have analytical fun with.


Adrian

-- 
"The ability to quote is a serviceable substitute for wit." ~ W.
Somerset Maugham




_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Attachment: new.zip