Cronjob Backdoors

Cronjob Backdoors

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors.

A good example of this is the shell_exec function which allows plain shell commands to be run directly through the web application, providing attackers with an increased level of control over the environment.

Backdoor in Cron

While investigating a client with repeated website infections, we came across a scenario where a cron job was being used to reinfect the site.

Continue reading Cronjob Backdoors at Sucuri Blog.

Read more: Cronjob Backdoors

Story added 3. May 2019, content source with full text you can find at link above.