This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Re(1): Mystery infestation strikes Linux/Apache Web sites

Posted by: Anonymous [ip: 70.106.31.190] on January 25, 2008 03:15 PM
My point is that the security note over at cpanel says that the file names that it creates are random 5 char names and then .js. Always exactly 5 chars. The regex posted will match any .js file with AT LEAST 5 chars. It will match abcde.js and it will also match abcdefghigklmnop.js. The article says that if you get any output with the posted regex then you are most likely infected. That's not true. In order to fix the regex, you would put a slash character at the beginning of the regex to match a directory , then have the [a-zA-Z]...

#

Return to Mystery infestation strikes Linux/Apache Web sites