Persistence in WordPress using backdoors in SQL
Tags
attack-pattern: Credentials - T1589.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Web Shell - T1505.003 Connection Proxy - T1090 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID a8ec5ef0-6457-4c6e-82da-965ec5e33951
Fingerprint f705d35d38a79889
Analysis status DONE
Considered CTI value 0
Text language
Published May 15, 2017, midnight
Added to db Jan. 18, 2023, 11:46 p.m.
Last updated Nov. 13, 2024, 7:17 p.m.
Headline Persistence in WordPress using backdoors in SQL
Title Persistence in WordPress using backdoors in SQL
Detected Hints/Tags/Attributes 38/1/6
Source URLs
Redirection Url
Details Source https://www.tarlogic.com/en/blog/backdoors-in-sql-wordpress/
URL Provider
Details Provider Source level domain
Details tarlogic.com www.tarlogic.com
Attributes
Details Type #Events CTI Value
Details Domain 2 
ajax.open
Details Domain 18 
www.tarlogic.com
Details File 1 
'%test.js
Details File 2 
plugin-editor.php
Details File 9 
hello.php
Details File 41 
www.tar