WebApp Sec mailing list archives
Re: PHP Security
From: "Greg Song" <bigrootno1 () gmail com>
Date: Wed, 19 Mar 2008 14:02:45 +0900
It includes iframe code. and also it was used to download malicious code. iframe code is as below iframe src="http://[IP ADDRESS]/help.htm] Of cause there are other files. I guess it started from 'check.js'. Greg. 2008/3/19, Eric Marden <security () xentek net>:
Are you saying that check.js was used in the attack? Does this file call any remote files? Eric Marden xentek: enlightened internet solutions http://xentek.net/ On Mar 17, 2008, at 7:58 PM, Greg Song wrote:Hi all Thesedays I'm analyzing the solarys system that using apache web server and php. Of cause it hacked. I could not find reason of some situation that the specified directory are created over and over(it includes check.js) Weblog record as belowxxx.xxx.xxx.xxx GET "/XXX/ahibix/check.jsSome pages can upload the file but it didn't work when I uploaded some php file. I'm wondering how it makes some directories. Any suggestin,ideas. Thanks all ---------------------------------------------------------------------- --- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx? id=70170000000940F ---------------------------------------------------------------------- ---------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- PHP Security Greg Song (Mar 18)
- Re: PHP Security Eduardo Tongson (Mar 18)
- Re: PHP Security Eric Marden (Mar 18)
- Re: PHP Security Greg Song (Mar 18)
- <Possible follow-ups>
- Re: PHP Security Greg Song (Mar 18)