menu

WordPress Injection Exfiltrates Admin Login

2021-06-09 :: Luke
#php backdoor  #login stealer  #$ccc_url  #wordpress  #PHP  #website malware  WordPress Injection Exfiltrates Admin Login
wp-login.php injection silently exfiltrates a victim’s username and password back to the attacker’s server.
Read more →

Gel4y Mini Shell by Indonesian Darknet

2021-06-07 :: Luke
#Gel4y  #minishell  #Indonesian Darknet  #backdoor  #PHP  #website malware  Gel4y Mini Shell by Indonesian Darknet
Another PHP web shell that promises it can bypass ‘server security’.
Read more →

XBALTI Phishing Kits

2021-05-21 :: Luke
#XBALTI  #phishing kit  #phishing  #fraud  #PHP  XBALTI Phishing Kits
Analysis of the XBALTI phishing kits and their exfiltration techniques.
Read more →

PHP Minishell Backticks Redux

2021-05-13 :: Luke
#backdoor  #minishell  #one-liner  #PHP  #website malware  PHP Minishell Backticks Redux
A variant of the PHP backtick minishell that obfuscates a PHP superglobal to evade detection.
Read more →

lolzilla Skimmer: PHP or JS?

2021-05-08 :: Luke
#lolzilla  #portzilla  #skimmer  #ecommerce  #magento  #JavaScript  #PHP  #website malware  lolzilla Skimmer: PHP or JS?
lolzilla skimmer analyzes a visitor’s HTTP request to determine whether it can capture the visitor’s payment data using a PHP skimmer or if it should deploy a JavaScript skimmer onto the checkout page to capture the data.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.