Attack (Attack ID:302023)
Release Date:03/14/2012
Attack Name:Detected WebShell PHPSpy 201X
Severity:
BUG ID:
CVE ID:
PHPSpy is a web-based Trojan running in PHP environment which is designed to compromise Web servers without being noticed. It can breach firewalls and monitor Web servers through Internet remotely.The main functions include:
File management, host information reconnaissance, web proxy, remote command and script execution, database operation, webpage trojaning, privilege escalation, etc.
Affected system:
Windows and Unix Web servers
PHPSpy 2009
PHPSpy 2010
PHPSpy 2011
Delete the PHP Trojan webpage and fix the vulnerability.