sixohthree.com

test.txt: PHP Exploit in Server Logs

I noticed some strange requests in my Apache logs today. People were referencing external files named “test.txt” in arguments to PHP scripts. It seems to be a remote execution exploit targeting Windows servers, but I’m not sure which piece of software is at risk. I’ll update this page if I find it’s targeting some specific software.

I saved a copy for posterity, after replacing the opening PHP brace with “<-- php.”

Sharing:

 

Details:

This entry was published at 15:33 on 5 February, 2008 by Adam Backstrom. It was posted in Web. Bookmark the permalink, or share the shortened link.

Leave a Comment

HTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

© 2000–2012 Adam Backstrom, BY-SA 2.0