Attack (Attack ID:302031)

Release Date08/22/2012

Attack NameDetected WebShell SimAttacker.php

Severity

BUG ID

CVE ID

 

Description

SimAttacker.php is a web-based Trojan running in PHP environment which is designed to compromise Web servers without being noticed. It can breach firewalls and monitor Web servers through Internet remotely.

The main functions include:
File management, host information reconnaissance, web proxy, remote command and script execution, database operation, webpage trojaning, privilege escalation, etc.

Affected system:
Windows and Unix Web servers

 

Solution

Delete the PHP Trojan webpage and fix the vulnerability.