Due to our home page not loading, I found an exploit on our website with the file Backdoor:PHP/C99shell embedded in the index.php file.
I had no such file, or a server running on my local computer. When I downloaded
the file and scanned the file, I was able to identify the malware AND the remote site
that was controlling the embedded script. I determined the IP address of the
exploiting site.
Is there a tool to scan these identified sites that will determine if they are running
the malware? Also, is there a site with a listing of these malware sites? Not surprising,
the exploit originated in China with a .com and a .cn domain.
I have added their IP addresses to be blocked via the control panel, but I suspect there
are thousands of IP addresses actively working on embedding similar exploits.