On Thu, May 31, 2012 at 1:21 PM, Tedd Sperling <t...@sperling.com> wrote: > > So, my question to the group -- has PHP produced any viruses? If not, could > it? If so, can anyone elaborate on the details?
To my own memory, viruses by definition, no. However, with that said, there's tons of PHP malware, including self-replicating worms that target certain vulnerabilities (such as known exploits in versions of WordPress). In fact, one of the most common PHP-scripted attacks on the web is against an individual script, which has been packaged in with many other PHP applications - including WordPress - over the years. The script, known as TimThumb, has an extremely well-known vulnerability in past versions, which are still in widespread use today. The thing is, a PHP virus would be simple to write, so there likely are a few out there. However, because a virus needs direct interaction to spread it, it would be less effective than something that is "set and forget" like a worm. Conversely, there are worms written in PHP that then inject JavaScript into PHP/HTML files and, usually using an iframe, attempt to force a malicious file to be downloaded by the user, who may or may not believe the interaction to be legitimate. Still, since PHP isn't a client-side application, and - aside from a precompiled binary to match the target operating system - requires the PHP parser to be present and configured, as well as execution of the script to be initiated by the user or a predictable automated process, it's unlikely that a PHP virus (again, by definition) would see enough success to make it worthwhile to the author. -- </Daniel P. Brown> Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php