After some more analysis I found out that this is a Wordpress related vulnerability which allows attackers to inject their code into those vulnerable wordpress sites. Have a look at Snort's alert based on this picture http://imageshack.us/photo/my-images/24/selection005.jpg/
On Sat, Apr 28, 2012 at 10:32 AM, Balasubramaniam Natarajan < [email protected]> wrote: > One more analysis URL > > http://anubis.iseclab.org/?action=result&task_id=12447bd8a78770114d5b814178b263a52 > > > On Sat, Apr 28, 2012 at 10:23 AM, Balasubramaniam Natarajan < > [email protected]> wrote: > >> I guess it is again infected see these URL's, I guess there is some >> vulnerable application which is being used. >> >> >> http://zulu.zscaler.com/submission/show/3f4dd8125636f9085064e80d82b5a91c-1335588641 >> >> http://zulu.zscaler.com/submission/show/1dc8ca07c826386602b298aec3026947-1335588645 >> >> >> On Sat, Apr 28, 2012 at 9:20 AM, ramkumar lakshminarayanan < >> [email protected]> wrote: >> >>> >>> Dear Friends, >>> I checked the (http://www.kaniyam.com/) kaniyam site today and not able >>> to access it. >>> >> >>> Fatal error: Cannot redeclare class Jetpack_Image_Widget in >>> /home/endicus/ >>> kaniyam.com/wp-content/plugins/jetpack/modules/widgets/image-widget.php.INFECTED.phpon >>> line 151 >>> >>> Ramkumar Lakshminarayanan >>> > From: [email protected] >>> > Date: Mon, 9 Apr 2012 19:21:21 +0530 >>> > To: [email protected] >>> > Subject: [Ilugc] Kaniyam - 4 >>> > >>> > Kaniyam - April 2012 issue is released now. >>> > >>> > Thanks for all your wishes for the ‘*kaniyam*‘ e-magazine. >>> > >>> > >>> > In this issue, we discuss about the following topics in Tamil. >>> > >>> >>> >>> _______________________________________________ >>> ILUGC Mailing List: >>> http://www.ae.iitm.ac.in/mailman/listinfo/ilugc >>> >> >> >> >> -- >> Regards, >> Balasubramaniam Natarajan >> www.etutorshop.com/moodle/ >> >> > > > -- > Regards, > Balasubramaniam Natarajan > www.etutorshop.com/moodle/ > > -- Regards, Balasubramaniam Natarajan www.etutorshop.com/moodle/ _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
