[nsp-sec] ACK 174 RE: Linux webserver botnet
Nicholas Ianelli
ni at centergate.net
Mon Sep 14 17:04:30 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All the php files I saw were 0 byte. I will send you the PDF file in
another email. If others are interested let me know.
All the PDFs I was able to obtain were the same (MD5):
3228c641929bb40475c44a26bda8531a
Nick
Tom Daly wrote:
> ----------- nsp-security Confidential --------
>
>> Payload was the usual:
>>
>> :8080/index.php
>> :8080/cache/readme.pdf
>
> Steve,
> Any chance you have copies of these files?
>
> Tom
>
- --
Nicholas Ianelli: Neustar, Inc.
Security Operations
46000 Center Oak Plaza Sterling, VA 20166
+1 571.434.4691 - http://www.neustar.biz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
iEYEARECAAYFAkqur94ACgkQi10dJIBjZICgLQCdE1yu2hx/m6cbtUOxuBC2oVWf
NnQAn3ULV43LiGaEAuJxTeM8mAragp2E
=GzTN
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list