Signature Detail

Short Name	HTTP:C99-SHELL-BACKDOOR
Severity	High
Recommended	Yes
Category	HTTP
Keywords	backdoor
Release Date	2014/06/24
Update Number	2392
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

TROJAN: C99 Backdoor Actiivity

This signature detects access to the backdoor placed in the C99 PHP shell. It was found that the C99 PHP Shell that is used to backdoor web servers, has a backdoor itself. This signature indicates that someone is logging into a C99 shell using the backdoor.

References

URL: http://thehackerblog.com/every-c99-php-shell-is-backdoored-aka-free-shells/

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

TROJAN: C99 Backdoor Actiivity

References