403Webshell
Server IP : 23.111.136.34  /  Your IP : 216.73.216.136
Web Server : Apache
System : Linux servidor.eurohost.com.br 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : meusitei ( 1072)
PHP Version : 5.6.40
Disable Function : show_source, system, shell_exec, passthru, proc_open
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /etc/cpguard/sigs/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /etc/cpguard/sigs/me.cpg.yara
private rule is_php {
    strings:
        $str = "<?"

    condition:
        $str
}

rule Malware_Expert_General_Uploader : Malware_Expert {
    meta:
		description = "Malware.Expert - General Uploader"
                author = "Malware.Expert"
                reference = "https://malware.expert"
                date = "2018-11-15"

    strings:
        $str1 = "multipart/form-data"
        $str2 = "$_FILE["
        $str3 = "move_uploaded_file"
	$str4 = /\bcopy\s*\(/
    condition:
	is_php and (filesize < 1024) and $str1 and ($str2 or $str3 or $str4)
}

/*
rule Malware_Expert_General_Malware : Malware_Expert {
    meta:
		description = "Malware.Expert - General small malware"
                author = "Malware.Expert"
                reference = "https://malware.expert"
                date = "2018-11-15"

    strings:
        $str1 = /(\$_SERVER|\$_GET|\$_POST|\$_REQUEST|\$_COOKIE)/
        $str2 = /(eval|assert|\$.*\(\s*\)\s*;)/
        $str3 = "base64_decode"
    condition:
	is_php and (filesize < 250) and (2 of ($*))
}
*/

Youez - 2016 - github.com/yon3zu
LinuXploit