On Thu, May 31, 2012 at 1:21 PM, Tedd Sperling <t...@sperling.com> wrote:
> So, my question to the group -- has PHP produced any viruses? If not, could 
> it? If so, can anyone elaborate on the details?

    To my own memory, viruses by definition, no.  However, with that
said, there's tons of PHP malware, including self-replicating worms
that target certain vulnerabilities (such as known exploits in
versions of WordPress).  In fact, one of the most common PHP-scripted
attacks on the web is against an individual script, which has been
packaged in with many other PHP applications - including WordPress -
over the years.  The script, known as TimThumb, has an extremely
well-known vulnerability in past versions, which are still in
widespread use today.

    The thing is, a PHP virus would be simple to write, so there
likely are a few out there.  However, because a virus needs direct
interaction to spread it, it would be less effective than something
that is "set and forget" like a worm.

    Conversely, there are worms written in PHP that then inject
JavaScript into PHP/HTML files and, usually using an iframe, attempt
to force a malicious file to be downloaded by the user, who may or may
not believe the interaction to be legitimate.  Still, since PHP isn't
a client-side application, and - aside from a precompiled binary to
match the target operating system - requires the PHP parser to be
present and configured, as well as execution of the script to be
initiated by the user or a predictable automated process, it's
unlikely that a PHP virus (again, by definition) would see enough
success to make it worthwhile to the author.

</Daniel P. Brown>
Network Infrastructure Manager

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to