Attack (Attack ID:302042)

Release Date09/07/2012

Attack NameDetected WebShell azrailphp.php 

Severity

BUG ID

CVE ID

 

Description

azrailphp.php is a web-based Trojan running in PHP environment which is designed to compromise Web servers without being noticed. It can breach firewalls and monitor Web servers through Internet remotely.

The main functions include:
File management, host information reconnaissance, web proxy, remote command and script execution, database operation, webpage trojaning, privilege escalation, etc.

Affected system:
Windows and Unix Web servers

 

Solution

Delete the PHP Trojan webpage and fix the vulnerability.