Hosting Provided By

RE: perl/php connect-back backdoor?

From: Rick Patel <rikul(at)interbee.com>
Date: Mon Jul 28 2003 - 16:35:50 EDT

Well you could write php script with C code in it, then write C code to
/tmp/.foo.c, compile and run that using system(..) calls in php. Thats
easiest way I see of doing that.

-----Original Message-----
From: Ingram [mailto:Vail@gmx.net]
Sent: Sunday, July 27, 2003 11:20 AM
To: vuln-dev@securityfocus.com
Subject: perl/php connect-back backdoor?

hi folks,

while pentesting a webserver i found a way to upload cgi/php scripts to
/cgi-bin, but as verified with hping all ports except 113 (which needs
root
privs) are filtered. Means i couldn't use a portbinding backdoor, because all i got right know is uid www. I think a connect-back perl/php code could made it through this packtfilter, as the outbound rules could be less tight.

Anyone aware of a backdoor like this?

Thx in advantage
Ingram

-- 
+++ GMX - Mail, Messaging & more  
http://www.gmx.net +++

Jetzt ein- oder umsteigen und USB-Speicheruhr als Prämie sichern!

Received on Mon Jul 28 17:03:49 2003

This message: [ Message body ]
Next message: Justin Pryzby: "Re: Password Cracking Challenge..."
Previous message: H D Moore: "Re: is it even possible for a worm with dcom vuln?"
In reply to Ingram: "perl/php connect-back backdoor?"
Next in thread: Knud Erik Højgaard: "Re: perl/php connect-back backdoor?"
Reply: Knud Erik Højgaard: "Re: perl/php connect-back backdoor?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT