Depsite by best efforts, yesterday I noticed that I'd gotten hacked, and the hacker had put in malicious php files in various places on the server to redirect a subset of my traffic to a rogue site.
Since I use Perl and not PHP, it was trivial to find the exploit files, since all I had to do was search for all .php files and know that any matches were evil.
If I used php normally in my development, I'd have thousands of php files and it would have been possible for me to find the exploits just by searching for the .php files. I would have had a mountain of files to wade through.
Think I could have just searched for creation or last modification dates? No dice, the hackers were clever enough to forge the file dates.
In theory a hacker could use Perl, but PHP is certainly the hacker's language of choice.
Thinking back, whenever I've been asked to do after-the-fact analysis, the attackers injected php code wherever they could, wether they used a (php app) exploit or obtained ftp access, I've never seen them manipulate or upload perl scripts.
Ah, I wasn't aware at all. My comment was a bit tongue in cheek... it seems there's 2 or 3 ways sites get hacked... nothing that's really inherent to PHP,
1) not cleaning GET/POST variables or allowing unclean data into the DOM 2) bad file permissions 3) SQL injection.
It's just that PHP is more widely used to exploit the above. I wish I knew more Perl to be truly neutral on the subject... it seems anyone that programs with Perl doesn't have many bad things to say about it.
If I were to look for vulnerabilities it'd be on wordpress for sure, but there's plenty people already on that already