Smoker Backdoor: Evasion Techniques in Webshell Backdoors
Luke Leal “Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto to evade detection from malware…
Browsing Category
Sucuri Labs
336 posts
String Concatenation: Obfuscation Techniques
Krasimir Konov While string concatenation has many valuable applications in development — such as making code more efficient or functions more effective — it is also a…
PHP Binary Downloader
When possible, an attacker will want to avoid using specific functions in their PHP code that they know are more likely to be flagged by…
PHP Backdoor Obfuscated One Liner
In the past, I have explained how small one line PHP backdoors use obfuscation and strings of code in HTTP requests to pass attacker’s commands…
SEO Hacktool: Sitemap Generator
An XML sitemap is an important part of a website’s SEO and exists to help search engine crawlers index new URLs on your website. For…
Reverse String WooCommerce WordPress Credit Card Swiper
Ben Martin As 2020 continues to be the worst year in almost anybody’s lifetime, allow me to take this opportunity to stoke the fires of your existential…
Skimmers in Images & GitHub Repos
Denis Sinegubko MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files. During a routine investigation, we detected a similar issue.…
Malicious Magento User Creator
We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” — probably referring…
Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors
Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a…
Vulnerabilities Digest: June 2020
John Castro Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of…
Labs Notes Monthly Recap – May/2020
Juliana Lewis In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that…