[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] gallarific backdoored , vulnerable to xss

To: Thomas Pollet <thomas.pollet@xxxxxxxxx>
Subject: Re: [Full-disclosure] gallarific backdoored , vulnerable to xss
From: Andrew Farmer <andfarm@xxxxxxxxx>
Date: Tue, 15 Apr 2008 15:26:18 -0700

On 15 Apr 08, at 09:07, Thomas Pollet wrote:
> I was looking at the free version of gallarific, and I found some  
> suspicious
> code in the scopbin directory.
> Attached is a file I found in the zip i downloaded, in case someone  
> wants to
> decode it.

Looks like a component of the ScopBin PHP obfuscator. It's not  
particularly hard to reverse, but I didn't bother.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] gallarific backdoored , vulnerable to xss
  - From: Thomas Pollet

Prev by Date: [Full-disclosure] iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability
Next by Date: [Full-disclosure] [ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability
Previous by thread: [Full-disclosure] gallarific backdoored , vulnerable to xss
Next by thread: [Full-disclosure] [SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service
Index(es):
- Date
- Thread