Connect with us

Black Hat Tactics

Fake WordPress Functions Conceal assert() Backdoor

Published

on

Obfuscation Techniques in MARIJUANA Shell “Bypass”



Fake WordPress Functions Conceal assert() Backdoor

A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting.

Among 246 other lines, this very specific part stood out to me:

$config = wp_dbase_config_init(‘_as_sert’);

For those readers familiar with PHP functions commonly misused by hackers, you may have already spotted _as_sert as something suspicious.

Since it resembles the assert() function, let’s check the PHP definition of the function:

bool assert ( mixed $assertion [, string $description ] )
assert() will check the given assertion and take appropriate action if its result is FALSE.

Continue reading Fake WordPress Functions Conceal assert() Backdoor at Sucuri Blog.



Source link

Continue Reading
Click to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.