[WsIRT#723] C99Shell @AS41186

 CastleCops -> WsIRT Reports
Author: Paul PostPosted: Wed Dec 12, 2007 12:42 am    Post subject: [WsIRT#723] C99Shell @AS41186
Attack Alert
 
 Full Report: CastleCops Link/C99Shell_attack723.html
 
 Changed status to confirmed attack.
IP Converted: 195.114.18.91

dword = 3279032923
hex1 = 0xc372125b
hex2 = 0xc3.0x72.0x12.0x5b
oct = 0303.0162.022.0133
This is the c99 shell script written in PHP that attackers are attempting to inject into remote webservers, and if successful, compromises such servers for their nefarious uses. Please remove immediately.

This particular c99's footer: Modded by Shadow & Preddy | http://rootshell-security.net RootShell Security Group.
View CIDR AS41186 Report: http://www.cidr-report.org/cgi-bin/as-report?as=41186

"41186 | FR | ripencc | 2006-06-27 | ISPFR-AS ISPFR"<br />
Extended information for AS41186:
State/Province:
Country:
Responsible Domain: ispfr.net
Abuse Email: tech@ispfr.net
Quote:
http://fsf.efoot.info/mambots/editors/99.txt
CastleCops -> WsIRT Reports

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group