Hacktools are specially crafted tools to perform malicious or illicit activities, such as controlling botnets, mining bitcoins, triggering Denial-of-Service attacks and bruteforcing passwords. Those tools most of the time hidden in the filesystem and were installed among with other malicious code throug a vulnerability or an already compromised server.
This tool act as an interface to functions.php file, which will trigger the other zombie servers to perform the DDoS attack.
Affecting
Any vulnerable PHP based website. Outdated software or compromised passwords can act as an infection vector.
Cleanup
Reove any file with this content and check for the functions.php file in the same directory of the found file. Also you can sign up with us and let our team remove the malware for you.
Dump
<!-- PHP DDOS, coded by EXE -->
<body>
<center><br><br>
<img src="main.jpg"><br>
<b>Your IP:</b> <font color="red"><?php echo $ip; ?></font> (Don't DDoS yourself nub)<br><br>
<form name="input" action="function.php" method="post">
IP:
<input type="text" name="ip" size="15" maxlength="15" class="main" value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';">