Found this in a broken websites I worked on a couple of years ago. A very dangerous piece of code. It’s a first stage malware dropper.

It appears that it was used to install WSO remote webshell. Joomla’s weblink module vulnerability to MySQL injection was exploited to compromise system.

Tags: , Categories: Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.