Y
Hacker News
new
|
ask
|
show
|
jobs
by
andreareina
276 days ago
The normal file doesn't look that normal
1 comments
o11c
273 days ago
Keep in mind that the stated use is cache-poisoning of automated scanners, not fooling humans.
link
slow_typist
273 days ago
Humans have to put the so called php-file on the server intentionally for any subsequent attack to work. But it is a binary file.
link
h33t-l4x0r
273 days ago
I imagine it's supposed to get onto the server by an exploited vulnerable image upload plugin
link
slow_typist
273 days ago
Maybe I don’t understand the scenario fully, but under your assumption there is no need to inject the malicious webshell later.
link