Someone with whom I have been discussing this just_a_test set up a honeypot to find out what else happens with this infection:
http://web.dtbaker.com.au/post/catching_echo_md5_just_a_test_exploit_attempts.htmlSeems to drop a file called namogofer.php in all of the directories in the web tree.
Jonathan -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist
