I have someone that is adding a trojan to my gallery.
The trojan is a PHP.RSTBackdoor file.
And is uploaded with file names like tryag.jpg
Looking at what this Trojan can do:
When PHP.RSTBackdoor is executed, it performs the following actions:
Creates the following files:
/tmp/bdpl
/tmp/back
/tmp/bd
/tmp/bd.c
/tmp/dp
/tmp/dpc
/tmp/dpc.c
Opens a back door via HTTP access. It allows the remote attacker to perform any of the following actions:
Execute shell commands on /bin/bash
Change file permissions
Delete files and directories
Upload files
Edit files
Find files
Show system information
Dump SQL database
Is there anyway to stop these types of files from being uploaded?