[PHPwestoz] are there any know php vulnerabilities around?

Sol Hanna sol at autonomon.net
Wed Feb 16 17:41:02 UTC 2005


Mondo bad news - my server just got cracked! >:o

The crack involved index.php files in all directories under the web root 
being overwritten with an intelligent bit of cracker poetry thus:

"Noturnos Crimez... OwnZ yOu, By Lord Cha0s.. * Mais um Dia se 
passa..tudo novo.. mais pq eu sempre me ferro? fiko triste.. e tudo por 
causa de uma minina que eu amo d+... nossa.. eu daria tudo pra tela 
comigo. nos meus braços abraçala , beijala.. pedir desculpas a ela.. 
nossa.. eu seria o cara mais feliz se vesse ela a ultima vez.. soh 
queria dizer .. GISLAINE EU TI AMO! d+!!!!!"

Just a text file.

That seems to be the extent of the damage, though I'm still quite pissed 
off. Given that it has only affected index.php files in this way, it 
seems that a PHP vulnerability is to blame. Anyone know anything about 
this so I know how to take action to prevent it?????

ta very much; sol :'(




More information about the PHPwestoz mailing list