I agree with John Holmes that it is targeted at PHP. It is really
wonderfull thing to know that google, yahoo can detect my php code on
my site. These news item written by total uninformed (or Illinformed )
persons.
zareef ahmed
--
Zareef Ahmed :: A PHP Developer in India ( Delhi )
Homepage
[snip]
To prevent these attacks, it may be necessary to recode the site to use
the include() and require() functions in a safe manner.
[/snip]
From http://www.php.net/include
If URL fopen wrappers are enabled in PHP (which they are in the
default configuration), you can specify the file to be
It uses search engines including
Google, Yahoo and AOL to identify exploitable Web pages written in PHP
that use the functions include() and require() in an insecure
manner, K-OTik said.
Exactly how is a worm going to know if I have include($crap) in my code
by searching google? Is it
3 matches
Mail list logo