Welcome to WebmasterWorld Guest from 54.161.99.20

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

One esoteric reason for using Perl instead of PHP.

It's easier to find hacked files

     
2:26 pm on Sep 23, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 12, 2003
posts: 1199
votes: 0


Depsite by best efforts, yesterday I noticed that I'd gotten hacked, and the hacker had put in malicious php files in various places on the server to redirect a subset of my traffic to a rogue site.

Since I use Perl and not PHP, it was trivial to find the exploit files, since all I had to do was search for all .php files and know that any matches were evil.

If I used php normally in my development, I'd have thousands of php files and it would have been possible for me to find the exploits just by searching for the .php files. I would have had a mountain of files to wade through.

Think I could have just searched for creation or last modification dates? No dice, the hackers were clever enough to forge the file dates.

In theory a hacker could use Perl, but PHP is certainly the hacker's language of choice.

Score one for Perl. :)
3:30 pm on Sept 23, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:May 31, 2008
posts:661
votes: 0


Ha, and a nice argument indeed.

Thinking back, whenever I've been asked to do after-the-fact analysis, the attackers injected php code wherever they could, wether they used a (php app) exploit or obtained ftp access, I've never seen them manipulate or upload perl scripts.
3:48 pm on Sept 23, 2012 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
posts:4843
votes: 2


Are you using wordpress?

I'm not sure if there are many Perl CMS's out there :o)
4:03 pm on Sept 23, 2012 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


IIRC Brett coded this place in Perl..

I'm not sure if there are many Perl CMS's out there :o)

= Gap in market ? opportunity ? :)
8:20 pm on Sept 23, 2012 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10551
votes: 10


Are you using wordpress?
I'm not sure if there are many Perl CMS's out there


Movable Type, for example, doesn't have a wordpress footprint but is not unheard of and Twiki is used fair amount as well.
11:42 pm on Sept 23, 2012 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
posts:4843
votes: 2


Ah, I wasn't aware at all. My comment was a bit tongue in cheek... it seems there's 2 or 3 ways sites get hacked...
nothing that's really inherent to PHP,

1) not cleaning GET/POST variables or allowing unclean data into the DOM
2) bad file permissions
3) SQL injection.

It's just that PHP is more widely used to exploit the above. I wish I knew more Perl to be truly neutral on the subject... it seems anyone that programs with Perl doesn't have many bad things to say about it.

If I were to look for vulnerabilities it'd be on wordpress for sure, but there's plenty people already on that already