PaulDotCom mailing list archives
Re: Webshell if anyone want's to look at it
From: xgermx <xgermx () gmail com>
Date: Wed, 8 Feb 2012 11:27:31 -0600
http://www.secday.com/vdb/TT/WebShell/PHPShell-1.txt :) On Tue, Feb 7, 2012 at 4:11 PM, Larry Pesce <larry () pauldotcom com> wrote:
Adrian, et al: @Vyrus001 (vyrus () dc949 org) took a crack at it and asked that I forward this along to the group: "attached is your web shell mostly unpacked the other segmants are just base64'ed so if u want to see the imgs or the src code examples u can look. Its a pretty lame shell overall, upload / download, sql tools, a dll exploit priv esc, typical shell utils, and a decent file grepper. I didn't bother to look at the unprintables in the comments but yea, it's either .cn or .kr password is password" On 2/5/12 10:05 AM, Adrian Crenshaw wrote:Hi all, I found this little dingle berry hanging off a shared host box I control. Not 100% sure how it got there, and the damn logs don't go far enough back. I plan to have a coworker translate what I think is Chinese later. Figured I'd give it to you all to have analytical fun with. Adrian -- "The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Webshell if anyone want's to look at it Adrian Crenshaw (Feb 05)
- Re: Webshell if anyone want's to look at it Larry Pesce (Feb 07)
- Re: Webshell if anyone want's to look at it xgermx (Feb 09)
- Re: Webshell if anyone want's to look at it Larry Pesce (Feb 07)