ALL of them should report trojan if you download them to your cache but only should be an issue if you have PHP installed on that machine and then execute that code in your own php server.
They are all trojans/back door. But if you view the source then you aren't going to bork yourself. As they are now all tar.gz the AV scanners should all catch them as trojans, so you will need to tell your scanner to all you to access that folder, save it to your local drive and view the source in your favorite text editor to look at them. Wolf Dan Parry wrote: >> -----Original Message----- >> From: Wolf [mailto:[EMAIL PROTECTED] >> Sent: 17 December 2007 16:00 >> To: [EMAIL PROTECTED] >> Cc: php-general@lists.php.net >> Subject: Re: [PHP] Securing your Sites >> >> Funny, they should all be PHPS, source only and my last check only did >> them on the source viewing. None of them are executable in that >> folder. >> >> You got it from elsewhere. > > Sorry, update > > Scanning with AVG reveals that c99-2, 3 and 4 report backdoor Trojan > infections but it occurs to me that maybe AVG is just finding the malicious > payload you are demonstrating? > > I'd like to thank you for supplying the source for these exploits... If I've > made a mistake and compounded an incorrect situation I do apologise > > Dan > >> [EMAIL PROTECTED] wrote: >>> I want to personally thank you for 6 hours of work to remove the >>> PHP-Back-door Trojan, that download from your site to my PC while >> viewing that POS you call a help line. >>> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> No virus found in this incoming message. >> Checked by AVG Free Edition. >> Version: 7.5.503 / Virus Database: 269.17.4/1187 - Release Date: >> 16/12/2007 11:36 >> > > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.5.503 / Virus Database: 269.17.4/1187 - Release Date: 16/12/2007 > 11:36 > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
