I think the following link might shed some more light on the situation:
http://news.cnet.com/news/0-1003-200-6604515.html
HTH
Sam Masiello
Software Quality Assurance Engineer
Synacor
(716) 853-1362 x289
[EMAIL PROTECTED]
On Fri, 20 Jul 2001 10:12:25 +1000 Brian White <[EMAIL PROTECTED]> wrote:
>Maybe the hacker got into the httpd.conf and set the auto-prepend setting
>to a file that contained the message.
>
>Brian
>
>At 00:34 20/07/2001 +0300, [EMAIL PROTECTED] wrote:
>>Hi Jean-Francois!
>>On Thu, 19 Jul 2001, Jean-Francois Jauvin wrote:
>>
>> > Hi, my server with php on it has been "hacked" or something....., what
>> > appened is every PHP pages displayed a certain message like "Hacked by blah
>> > blah blah...".
>> > None of the HTML pages were affected, only the PHP ones....
>> > but the scripts were not altered, I've shut down IIS, reinstalled PHP, and
>>Ah, IIS, the magic word.
>>
>>Maybe you have been hacked by the Bady worm, I saw it in action in the
>>test lab :)
>>
>>-- teodor
>>
>>--
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>For additional commands, e-mail: [EMAIL PROTECTED]
>>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>-------------------------
>Brian White
>Step Two Designs Pty Ltd - SGML, XML & HTML Consultancy
>Phone: +612-93197901
>Web: http://www.steptwo.com.au/
>Email: [EMAIL PROTECTED]
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
