Adrian, et al:
@Vyrus001 (vyrus () dc949 org) took a crack at it and asked that I forward
this along to the group:
"attached is your web shell mostly unpacked
the other segments are just base64'ed so if u want to see the imgs or
the src code examples u can look. It's a pretty lame shell overall,
upload / download, sql tools, a dll exploit priv esc, typical shell
utils, and a decent file grepper. I didn't bother to look at the
unprintables in the comments but yea, it's either .cn or .kr
password is password"
On 2/5/12 10:05 AM, Adrian Crenshaw wrote:
Hi all,
I found this little dingle berry hanging off a shared host box I
control. Not 100% sure how it got there, and the damn logs don't go far
enough back. I plan to have a coworker translate what I think is Chinese
later. Figured I'd give it to you all to have analytical fun with.
Adrian
--
"The ability to quote is a serviceable substitute for wit." ~ W.
Somerset Maugham
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com