[support] Drupalgeddon-test
Metzler, David
metzlerd at evergreen.edu
Wed Nov 5 16:07:05 UTC 2014
Most of these are likely false positives. import.php is a bit of a question. Could be old code from site live, but could also be an attack vector.
I ran drupalgeddon scans against a dev site that wasn’t exposed to the internet to get a feel for what kind of false positives it might report before running on a production site.
Dave
From: support-bounces at drupal.org [mailto:support-bounces at drupal.org] On Behalf Of Muzaffer Tolga Ozses
Sent: Monday, November 03, 2014 11:35 PM
To: support at drupal.org
Subject: [support] Drupalgeddon-test
Hi,
I removed the files anyway, but I still wanted to ask you. Do you think these are false or true positives?
Suspicious file "DRUPAL_ROOT/FirePHPCore/lib/FirePHPCore/FirePHP.class.php4" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/lib/FirePHPCore/fb.php4" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/lib/FirePHPCore/fb.php" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/lib/FirePHPCore/FirePHP.class.php" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/demo/oo.php" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/demo/procedural.php" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/demo/procedural.php4" discovered. [error]
Suspicious file "DRUPAL_ROOT/FirePHPCore/demo/oo.php4" discovered. [error]
Suspicious file "DRUPAL_ROOT/import.php" discovered. [error]
Regards,
mto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20141105/4b891fff/attachment.html
More information about the support
mailing list