Mike/Matt, thanks for the promp response for reference our system: Slackware 8.1, mySQL 3.23.51, apache 1.37
all the passwords look like they are kept in the mysql.users table and the passwords are encrypted (at least in phpMyAdmin 2.4) Steve ----- Original Message ----- From: "Mike" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 21, 2003 8:36 AM Subject: Re: [PHP] lurker awakes | What kind of a db you got? Search through the db for a table or db that | has you're system passwords in it... other than that, you'd have to know | where the file was... (which means searching for it...) you could also | try a google search for your system password using site:whatever.com in | the box... | | On Thu, 2003-03-20 at 13:29, [EMAIL PROTECTED] wrote: | > Hi guys, | > we have been silent observers to this list over the last few weeks. | > most of our web-app development is done in cold fusion, and i am still coming to terms with php, our involvement with the language to date has been via phpnuke. | > | > a while ago one of our tech guys showed me the output of a php page which showed our system passwords - | > since then he has subsequently moved on, we have changed all our passwords etc.. | > | > my q: | > does anyone have any knowlege about this type of script? | > does anyone have a copy of it, so i can make sure there are no copies of it on my system - it would be a hell of a backdoor to leave on our server. | > Steve Soars | > | > | > -------------------------------------------------------------------------- ------ | > | > www.i-redlands.net | > | > Interactive Redlands | > Shop 2 Cleveland Town Square | > Cnr Queen & Bloomfield Sts | > Cleveland QLD 4163 | > | > [p] 07 3821-5800 | > [f] 07 3821-5811 | > | > "what we do in life | > echoes an eternity" | > | > | > -------------------------------------------------------------------------- ------ | | | -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
