RE: perl/php connect-back backdoor?
From: Rick Patel (rikul_at_interbee.com)
Date: 07/28/03
- Previous message: H D Moore: "Re: is it even possible for a worm with dcom vuln?"
- In reply to: Ingram: "perl/php connect-back backdoor?"
- Next in thread: Knud Erik Højgaard: "Re: perl/php connect-back backdoor?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <vuln-dev@securityfocus.com> Date: Mon, 28 Jul 2003 14:35:50 -0600
Well you could write php script with C code in it, then write C code to
/tmp/.foo.c, compile and run that using system(..) calls in php. Thats
easiest way I see of doing that.
-----Original Message-----
From: Ingram [mailto:Vail@gmx.net]
Sent: Sunday, July 27, 2003 11:20 AM
To: vuln-dev@securityfocus.com
Subject: perl/php connect-back backdoor?
hi folks,
while pentesting a webserver i found a way to upload cgi/php scripts to
/cgi-bin, but as verified with hping all ports except 113 (which needs
root
privs) are filtered. Means i couldn't use a portbinding backdoor,
because all i got right know is uid www. I think a connect-back perl/php
code could made it through this packtfilter, as the outbound rules could
be less tight.
Anyone aware of a backdoor like this?
Thx in advantage
Ingram
-- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Jetzt ein- oder umsteigen und USB-Speicheruhr als Prämie sichern!
- Previous message: H D Moore: "Re: is it even possible for a worm with dcom vuln?"
- In reply to: Ingram: "perl/php connect-back backdoor?"
- Next in thread: Knud Erik Højgaard: "Re: perl/php connect-back backdoor?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
