[clamav-users] basic malware missed???

Dennis Peterson dennispe at inetnw.com
Tue Mar 24 18:04:32 EDT 2015


The string you are looking for is not necessarily the only one you should be 
looking for for that exploit. More information here:

http://somewebgeek.com/2014/wordpress-remote-code-execution-base64_decode/

Steve at SaneSecurity has a nice document on creating your own signatures here:

http://sanesecurity.com/support/documentation/

On 3/24/15 2:40 PM, Steve Holdoway wrote:
> Hi folks,
>
> I'm in the process of cleaning up an infected wordpress website and am
> finding a number of files that contain
>
>
dp



More information about the clamav-users mailing list