Post-exploitation: what an attacker does once he compromised your app or server by Mattias Geniar
Video Description
Remember that one site, in a dark corner of one of your servers? The one that didn't get those latest updates? Well, it just got hacked.
In this talk we'll look at what happens _after_ it's hacked, what kind of scripts or tasks get run, how malware hides in your PHP code and reactivates itself. After this talk, you'll be armed with new ideas to help detect and prevent compromised Drupal installations.
In this talk we'll look at what happens _after_ it's hacked, what kind of scripts or tasks get run, how malware hides in your PHP code and reactivates itself. After this talk, you'll be armed with new ideas to help detect and prevent compromised Drupal installations.