April 10, 2008 - 11:11 UTC - Tags: security RFI PHP
I wrote a post about an RFI attack some days ago. The post is available
here. The RFI script attempted to open backdoors by decoding and compiling base64 encoded c-code. The code was also available in perl versions. The script also allowed arbitrary upload and download of files, database dumps and much much more.