On Thu, May 31, 2012 at 1:21 PM, Tedd Sperling <[email protected]> wrote:
>
> So, my question to the group -- has PHP produced any viruses? If not, could
> it? If so, can anyone elaborate on the details?
To my own memory, viruses by definition, no. However, with that
said, there's tons of PHP malware, including self-replicating worms
that target certain vulnerabilities (such as known exploits in
versions of WordPress). In fact, one of the most common PHP-scripted
attacks on the web is against an individual script, which has been
packaged in with many other PHP applications - including WordPress -
over the years. The script, known as TimThumb, has an extremely
well-known vulnerability in past versions, which are still in
widespread use today.
The thing is, a PHP virus would be simple to write, so there
likely are a few out there. However, because a virus needs direct
interaction to spread it, it would be less effective than something
that is "set and forget" like a worm.
Conversely, there are worms written in PHP that then inject
JavaScript into PHP/HTML files and, usually using an iframe, attempt
to force a malicious file to be downloaded by the user, who may or may
not believe the interaction to be legitimate. Still, since PHP isn't
a client-side application, and - aside from a precompiled binary to
match the target operating system - requires the PHP parser to be
present and configured, as well as execution of the script to be
initiated by the user or a predictable automated process, it's
unlikely that a PHP virus (again, by definition) would see enough
success to make it worthwhile to the author.
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
