just_a_test - Server sources

The following URLs are distributing


<?php echo md5("just_a_test");?>

Some people use this code to explore web application vulnerabilities.

If you see these in your stats, you should check your server for anything out of the ordinary. It is possible these URLs are being used to scan your applications for vulnerabilities.

If you own one of these domains, you should check your server for anything out of the ordinary. You need to check the entire server, not just the posted link. It is possible your server is being used for unknown activities. Every PHP application should be checked.

http://honamfishing.co.kr/phpmysqladmin/libraries/nov/wulosu/
http://sans-packing.ru/img/jipeqap/ehudute/
http://www.channelnewsperu.com/imagenes/publicaciones/fotos/emesuki/ohuhud/
http://www.elettrodataservice.it/foto_articoli/pivafof/oqonon/
http://www.marsbook.co.kr/main/created/product/2/mumas/ohalupa/
http://www.municipioxii.it/sunnyway/igodoq/bukosud/
http://www.northfans.ch/forum/admin/settings/ocoyo/azad/
http://www.pattibus.it/phplib-7.2b/pages/godot/eridehi/&disp=single&more=1&c=1&tb=1&pb=1
http://www.stomol.ru/catalog/rivoz/vekudu/
http://www.thoseguysfilms.com/forums/templates/subSilver/images/timuji/ogu/
http://www.unduetretoccaate.it/codice/fog/iyi/
http://www.winbd.net/admin/jist_code/wowoz/opaxi/

If you are seeking professional assistance in securing your site and/or server, I recommend Breach Security.

The presence of a ‘just_a_test’ file on a server is not a reflection of the company that owns the site. It is not a known threat to PCs. That said, all PCs connected to the Internet should have adequate virus/worm/malware protection, updated as recommended.

Additional information this site (there are many excellent resources on the web as well):

http://web-notes.wirehopper.com/2008/03/01/cleaning-after-a-hack
http://web-notes.com/2008/03/27/md5-just_a_test

* Please note this list is not comprehensive, and the ‘just_a_test’ landscape is constantly changing. URLs listed may not be valid (meaning the file(s) was/were deleted). ‘just_a_test’ is only one of many creative web ventures.