Dear all , all you know about the new methods of attack like phpshell code ,
and the old methods like iframe attack
i did scan all upload files via pure-ftp , Cpanel Uploader , and PHP upload
.
But what if the attacker , open an php editor , put the virus code in the
editor , hit submit . the code
:
>
> > > On Tue, 9 Feb 2010 beshoo wrote:
> > >
> > > > i need to scan the post data , not the POST uploaded files
> >
> > On 09.02.10 11:27, G.W. Haywood wrote:
> > >
> > > man clamd
> > >
> > > Look for 'INSTREA
was found while downloading %u.\
The transfer has been aborted.\
\
\
\
"
But after all of that , i can send a POST with a phpshell virus , what the
wrong steps that i did and please correct me :)
thank you for your patient :)
On Sun, Feb 21, 2010 at 7:44 PM, G.W. Haywood wrote
my achieve is to stop hackers from saving file to my server via HTTP Post to
php page. or via edit the php file from CPANEL and paste the shellphp code
, that is my goal .
On Mon, Feb 22, 2010 at 7:40 AM, steve wrote:
>
> On Mon, 2010-02-22 at 07:10 +0200, beshoo wrote:
> &
d to look. ClamAV is not the tool
> needed here.
>
> Lyle
>
>
> beshoo wrote:
>
>> my achieve is to stop hackers from saving file to my server via HTTP Post
>> to
>> php page. or via edit the php file from CPANEL and paste the shellphp code
>> , that
