menu

PHP Minishell Backticks Redux

2021-05-13 :: Luke
#backdoor  #minishell  #one-liner  #PHP  #website malware  PHP Minishell Backticks Redux
A variant of the PHP backtick minishell that obfuscates a PHP superglobal to evade detection.
Read more →

Backticks + $_POST = PHP minishell

2021-03-25 :: Luke
#backdoor  #minishell  #one-liner  #PHP  #website malware  Backticks + $_POST = PHP minishell
The use of the lesser known backtick operator and $_POST results in probably one of the smallest PHP one-liner minishells: ~12 characters
Read more →

Malware Disables Wordfence Security Plugin & Forges Timestamps

2020-12-16 :: Luke
#backdoor  #plugin killer  #wordpress  #PHP  #website malware  Malware Disables Wordfence Security Plugin & Forges Timestamps
A malicious PHP file is used to take down Wordfence plugin before it adjusts its own mtime timestamp.
Read more →

PHP Injector Makes Evil Use of error_log

2020-12-15 :: Luke
#1550208479  #error_log  #injector  #backdoor  #PHP  #website malware  PHP Injector Makes Evil Use of error_log
A PHP backdoor that injects its payload into the default PHP error_log
Read more →

WordPress Comment Activates Backdoor Via SQL Trigger

2020-11-12 :: Luke
#admin user creator  #kentuckyfriedbeef  #sql trigger backdoor  #SQL  #backdoor  #PHP  #website malware  WordPress Comment Activates Backdoor Via SQL Trigger
Attackers are using SQL triggers as a backdoor to create a malicious admin user whenever a special comment is submitted to an infected WordPress website.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.