APT_REPORT/phpstudyGhost at 5319f728d3a781a236f41aae496949cb57a52db2 - APT_REPORT - 临风笛

admin/APT_REPORT

mirror of https://github.com/blackorbird/APT_REPORT.git synced 2025-05-08 03:36:32 +00:00

History

blackorbird 728b70c154

Create README.MD

2019-09-23 09:58:16 +08:00

..

README.MD

Create README.MD

2019-09-23 09:58:16 +08:00

README.MD

phpstudyGhost

tampered php_xmlrpc.dll MD5:

c339482fd2b233fb0a555b629c0ea5d5

0f7ad38e7a9857523dfbce4bce43a9e9

8c9e30239ec3784bb26e58e8f4211ed0

e252e32a8873aabf33731e8eb90c08df

9916dc74b4e9eb076fa5fcf96e3b8a9c

f3bc871d021a5b29ecc7ec813ecec244

9756003495e3bb190bd4a8cde2c31f2e

d7444e467cb6dc287c791c0728708bfd

infected ver: 2018 ver PhpStudy install package

md5: fc44101432b8c3a5140fcb18284d2797

2016 ver PhpStudy install package

md5: a63ab7adb020a76f34b053db310be2e9

md5：0d3c20d8789347a04640d440abe0729d

URL：

hxxp://public.xp.cn/upgrades/PhpStudy20180211.zip

hxxps://www.xp.cn/phpstudy/phpStudy20161103.zip

hxxps://www.xp.cn/phpstudy/PhpStudy20180211.zip

C2:

www.360se.net:20123

www.360se.net:40125

www.360se.net:8080

www.360se.net:80

www.360se.net:53

bbs.360se.net:20123

bbs.360se.net:40125

bbs.360se.net:8080

bbs.360se.net:80

bbs.360se.net:53

cms.360se.net:20123

cms.360se.net:40125

cms.360se.net:8080

cms.360se.net:80

cms.360se.net:53

down.360se.net:20123

down.360se.net:40125

down.360se.net:8080

down.360se.net:80

down.360se.net:53

up.360se.net:20123

up.360se.net:40125

up.360se.net:8080

up.360se.net:80

up.360se.net:53

file.360se.net:20123

file.360se.net:40125

file.360se.net:8080

file.360se.net:80

file.360se.net:53

ftp.360se.net:20123

ftp.360se.net:40125

ftp.360se.net:8080

ftp.360se.net:80

ftp.360se.net:53