WF failed to detect malicious script

  • Today I found a malicious script in several websites protected by Wordfence. The filename is ssv3_directory.php, and it was found in the web root directory. The file was not flagged. The following is the contents of this file. I found that this file is used to show information of the server.

    <?php
error_reporting(0);
@ini_set('cgi.fix_pathinfo', 1);
if (is_dir($_POST['directory']) && !is_dir_empty($_POST['directory'])) {
	echo 1;
} else {
	echo 0;
}

	function is_dir_empty($dir) {
	if (!is_readable($dir)) return null;
		$handle = opendir($dir);
		while (false !== ($entry = readdir($handle))) {
			if ($entry != "." && $entry != "..") {
				return false;
			}
		}
	return true;
	}

exit;
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘WF failed to detect malicious script’ is closed to new replies.