PHP.net Compromised
travelin cat

Msg#: 4618864 posted 7:59 pm on Oct 24, 2013 (gmt 0)

One of our research tools flagged php.net as distributing malware.


[barracudalabs.com...]

 

aakk9999

Msg#: 4618864 posted 8:11 pm on Oct 24, 2013 (gmt 0)

There is also a thread on this here:

php.net - Malware Warning in Google SERPs [webmasterworld.com]

bill

Msg#: 4618864 posted 5:40 am on Oct 25, 2013 (gmt 0)

Other news outlets are picking up on this as well...

http://www.pcworld.com/article/2057980/phpnet-compromised-and-used-to-attack-visitors.html [pcworld.com]

PHP.net compromised and used to attack visitors

Visitors to the official website for the PHP programming language over the past couple of days might have had their computers infected with malware.

Hackers managed to inject malicious JavaScript code into a file on the php.net site called userprefs.js. The code made requests to a third-party website that scanned visitors' browsers for vulnerable plug-ins and executed exploits that, if successful, installed a piece of malware, said Daniel Peck, a research scientist at Barracuda Networks.

bwnbwn

Msg#: 4618864 posted 10:39 am on Oct 25, 2013 (gmt 0)

I hit a very popular php site yesterday and my anti malware went off due to an attempted exploit. It is a very high traffic site. This js might be a popular one and I would assume they are all infected.

incrediBILL

Msg#: 4618864 posted 4:42 am on Oct 26, 2013 (gmt 0)

Considering PHP sites are always being compromised, maybe having the mothership itself corrupted will make them wake up and clean up their act.

penders

Msg#: 4618864 posted 12:44 pm on Oct 27, 2013 (gmt 0)

"Considering PHP sites are always being compromised..."


...because most sites use PHP.

IanKelley

Msg#: 4618864 posted 9:18 pm on Oct 27, 2013 (gmt 0)

"This js might be a popular one and I would assume they are all infected."

It was a customized script that it's safe to assume is used only at php.net.

"Considering PHP sites are always being compromised..."

"...because most sites use PHP."

Indeed, PHP is no more vulnerable than any language, and less than most.

graeme_p

Msg#: 4618864 posted 8:43 am on Oct 29, 2013 (gmt 0)

Yes, and no.

PHP has low barriers to learning: it's very easy to learn incrementally - e.g. learn a bit to do WordPress templates, then a bit more to write a simple plugin etc.

This means a lot of people who are not very good (lack the talent or commitment to be good developers) learn and use PHP.

It is much less likely that people would learn a language like Python without some commitment and discipline, and virtually impossible with, say, C++ or Haskell.

PHP has historically had some bad design in the language itself (e.g. register globals) and more in some software. It's improved a lot - especially if you use a good web framework.

I do not use PHP enough to judge how it compares to other LANGUAGES, but, I think, in general you should not use bare PHP (or any other language) but use it with a framework, as that takes care of a lot of work and security issues for you.

A good PHP developer would do a good job, but PHP has a higher proportion of incompetents, and the temptation to use it without a well tested framework or components. Of course that does not affect the ability of good PHP developers to do a good job.

IanKelley

Msg#: 4618864 posted 9:02 pm on Oct 29, 2013 (gmt 0)

Frameworks and users don't really have anything to do with the security of a language. That would be similar to saying that acme hammers are vulnerable to being used as murder weapons because more murderers buy them.

You're right that there are a lot of bad PHP programmers. But I don't see how it's more true of PHP than other languages. Python is a much more beginner friendly language. Chances are there are proportionally more bad Python programmers, it just isn't as popular so you don't notice. And C/C++ are taught in basic programming classes where people learn only enough to be dangerous to themselves.

Frameworks are great for corporations or other environments where you need to get a lot of people with varying degrees of skill doing the same thing consistently in a short amount of time.

Unfortunately another thing frameworks accomplish is to create less efficient applications that will ultimately end up requiring more hardware to serve the same traffic because the code they provide, by definition, has to use extra processor cycles in an attempt to be flexible enough to be one size fits all. Also framework code is reviewed and tested less than core language code even though in many cases it attempts to replace it.

Then, from a hacking perspective, Frameworks introduce new vulnerabilities. They mean you don't just have to target the OS, the language itself, or the individual application. You can also look for vulnerabilities in the framework provided code.
