Tmp-2w.upload

Zen49 · June 1, 2023, 10:00pm

Hello,

Hopefully, I’ve selected the correct category.

Has anyone come across this file tmp-2w.upload. It is being flagged as a Troj/PHP-DH.

I did not seen an reference when doing a search.

Any help on this would be appreciated.

Don’t forget to tell us about your stack!

OS: ???
Java Version: ???
Tomcat Version: ???
Lucee Version: ???

andreas · June 4, 2023, 2:27pm

Hi, which library, version or where did it find the suposed file?

Zackster · June 4, 2023, 4:03pm

.upload is any random file uploaded in a post request, it’s nothing more than a random request

Zen49 · June 5, 2023, 12:08pm

Hello,

Thank you for the response. Does that mean it should be flagged as a possible threat?

Zen49 · June 5, 2023, 12:08pm

Thank you.

I have to go check.

Zackster · June 5, 2023, 12:17pm

not really, any .upload files are deleted at the end of the request unless you do something with em

if you action the uploaded files and move them somewhere with the right file extension, then your anti malware/virus should scan them

Zen49 · June 5, 2023, 5:28pm

Thank you, Zackster. I really appreciate the feedback.

Zen49 · June 5, 2023, 5:33pm

Would you recommend moving the files in order to have the scanned?

But, if they are deleted at the end why would the above be necessary- if that would have been your recommendation?

Zen49 · June 5, 2023, 6:14pm

Here’s another question.
Is there a way to get the files to upload upon request vs post?

Thank you.

Zackster · June 6, 2023, 7:46am

file upload is only supported on POST