Vulnerable file found (XCloner.php - Generic PHP Shell) | General Questions and Support | Forum Archive

The free forums are no longer in use. It remains available as read-only archive.

Avatar
sp_LogInOut Log In
Lost password?
sp_Search Search
Advanced Search
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Search Search
Go to Bottom
The forums are currently locked and only available for read only access
sp_TopicIcon
Vulnerable file found (XCloner.php - Generic PHP Shell)
November 7, 2011
11:05 am
Avatar
Guest
Guests
Go to Top
1sp_EditHistory sp_Permalink sp_Print

Hi,

i use website defender on my site http://www.karnhack.com and it identified a possibly malicious file:

The file /wp-content/plugins/xcloner-backup-and-restore/restore/XCloner.php was identified as a possibly malicious file (Generic PHP Shell).

 

Pattern detection: shell_exec($_REQUEST['mysqldump_path']

 

probably is not anything serious, but I wanted to submit it to your attention. Thanks

November 7, 2011
2:49 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline
sp_UserWebsite sp_Twitter sp_GooglePlus
Go to Top
2sp_Permalink sp_Print

Yes, XCloner makes use of php shell_exec function as an option when restoring. That file is only used on restore, so it can be deleted from your existing server! Ovidiu

sp_Feed All RSS
Go to top
Forum Timezone: America/Chicago
Most Users Ever Online: 867
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
mlguru: 30
Django29: 29
D: 21
Andy: 21
Marcus: 20
Jamie F: 19
Member Stats:
Guest Posters: 738
Members: 10048
Moderators: 2
Admins: 3
Forum Stats:
Groups: 3
Forums: 7
Topics: 2397
Posts: 8236
Newest Members:
Gayira Duncan
Moderators: TriP: 0, Steve Burge: 0
Administrators: Ovidiu Liuta: 2484, Victor Drover: 1, Valentin Barbu: 0