PHPsert

Description

(SentinelLabs) PHPsert executes attacker-provided PHP code using the assert function, which, in PHP versions prior to 8.0.0, interprets and runs parameter strings as PHP code. To hinder static analysis and evade detection, the webshell uses various code obfuscation techniques, including XOR encoding, hexadecimal character representation, string concatenation, and randomized variable names.

Names

Name
PHPsert

Type

Backdoor

Information

https://www.sentinelone.com/labs/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure-via-visual-studio-code-tunnels/

Other Information

Uuid

368f7e08-8a58-4b34-83d1-6c087a461eb1

Last Card Change

2024-12-27

Threat Intelligence Garden

Explorer

PHPsert

PHPsert

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks