1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: PHP Shell Command Execution 2

System Infected: PHP Shell Command Execution 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects PHP shell uploads and PHP shell commands sent to web servers.

Additional Information

PHP Shell is a shell created in PHP script. This PHP script is uploaded into remote webservers which are later used as a tool to run arbitrary commands, upload arbitrary files to the compromised server.

Affected

  • Various webservers.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube