php - a defacement file information request
A while back casus15.php was being found on a number of servers. According to one source at the time "Its a script that was created to excute system commands on your server using the system() function.". If you're running into casus15.php please drop us a note on your determination of how it was installed at your network.
casus15.php has shown up a few times at Zone-H DIGITAL ATTACKS ARCHIVE.
Googlebot's capture of one system, that caught a SSH connection, scroll to the bottom and catch;
_ENV["SSH_CONNECTION"] 200.74.99.107 4172 217.160.240.17 22
Thanks!
casus15.php has shown up a few times at Zone-H DIGITAL ATTACKS ARCHIVE.
Googlebot's capture of one system, that caught a SSH connection, scroll to the bottom and catch;
_ENV["SSH_CONNECTION"] 200.74.99.107 4172 217.160.240.17 22
Thanks!
Keywords:
0 comment(s)
×
Diary Archives
Comments