Can you post the code for that ASP file eeyerulez??? Im assuming that page
is connecting to the exe file by the same name eeyehack.exe. Perhaps its
grabbing any information posted to your CGI programs & then reporting this
information back through the ASP page somehow.
If indeed its doing something like that then there has to be some kinda link
back to them through something. Post code for that ASP file & find out what
that its really doing in there.
>From: "Brian L. Wolfsohn" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: OT: Who's hacking around ???
>Date: Sat, 02 Dec 2000 23:55:19 -0500
>
>i've found these suspicious looking files in one of our cgi directories.
>
>Has anyone heard of these ?? can you point me to any resources for checking
>on them ??
>
>
>eeyerulez.asp
>logfilename
>sysmng.exe
>sensepost.exe
>eeyehack.exe
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
