
Forum Moderators: coopster & jatar k


PHP.net Compromised

     

travelin cat

7:59 pm on Oct 24, 2013 (gmt 0)




One of our research tools flagged php.net as distributing malware.


[barracudalabs.com...]

aakk9999

8:11 pm on Oct 24, 2013 (gmt 0)




There is also a thread on this here:

php.net - Malware Warning in Google SERPs [webmasterworld.com]

bill

5:40 am on Oct 25, 2013 (gmt 0)




Other news outlets are picking up on this as well...

http://www.pcworld.com/article/2057980/phpnet-compromised-and-used-to-attack-visitors.html [pcworld.com]

PHP.net compromised and used to attack visitors

Visitors to the official website for the PHP programming language over the past couple of days might have had their computers infected with malware.

Hackers managed to inject malicious JavaScript code into a file on the php.net site called userprefs.js. The code made requests to a third-party website that scanned visitors' browsers for vulnerable plug-ins and executed exploits that, if successful, installed a piece of malware, said Daniel Peck, a research scientist at Barracuda Networks.

bwnbwn

10:39 am on Oct 25, 2013 (gmt 0)




I hit a very popular php site yesterday and my anti malware went off due to an attempted exploit. It is a very high traffic site. This js might be a popular one and I would assume they are all infected.

incrediBILL

4:42 am on Oct 26, 2013 (gmt 0)




Considering PHP sites are always being compromised maybe having the mothership itself corrupted will make them wake up and clean up their act.

penders

12:44 pm on Oct 27, 2013 (gmt 0)




Considering PHP sites are always being compromised...


...because most sites use PHP.

IanKelley

9:18 pm on Oct 27, 2013 (gmt 0)




This js might be a popular one and I would assume they are all infected.

It was a customized script that it's safe to assume is used only at php.net.

Considering PHP sites are always being compromised...


...because most sites use PHP.

Indeed, PHP is no more vulnerable than any language, and less than most.

graeme_p

8:43 am on Oct 29, 2013 (gmt 0)




Yes, and no.

PHP has low barriers to learning: it's very easy to learn incrementally - e.g. learn a bit to do Wordpress templates, then a bit more to write a simple plugin etc.

This means a lot of people who are not very good (lack the talent or commitment to be good developers) learn and use PHP.

It is much less likely that people would learn a language like Python without some commitment and discipline, and virtually impossible with, say, C++ or Haskell.

PHP has historically had some bad design in the language itself (e.g. register globals) and more in some software. It's improved a lot - especially if you use a good web framework.

I do not use PHP enough to judge how it compares to other LANGUAGES, but, I think, in general you should not use bare PHP (or any other language) but use it with a framework, as that takes care of a lot of work and security issues for you.

A good PHP developer would do a good job, but PHP has a higher proportion of incompetents, and the temptation to use it without a well tested framework or components. Of course that does not affect the ability of good PHP developers to do a good job.

IanKelley

9:02 pm on Oct 29, 2013 (gmt 0)




Frameworks and users don't really have anything to do with the security of a language. That would be similar to saying that acme hammers are vulnerable to being used as murder weapons because more murderers buy them.

You're right that there are a lot of bad PHP programmers. But I don't see how it's more true of PHP than other languages. Python is a much more beginner-friendly language. Chances are there are proportionally more bad Python programmers, it just isn't as popular so you don't notice. And C/C++ are taught in basic programming classes where people learn only enough to be dangerous to themselves.

Frameworks are great for corporations or other environments where you need to get a lot of people with varying degrees of skill doing the same thing consistently in a short amount of time.

Unfortunately another thing frameworks accomplish is to create less efficient applications that will ultimately end up requiring more hardware to serve the same traffic because the code they provide, by definition, has to use extra processor cycles in an attempt to be flexible enough to be one size fits all. Also framework code is reviewed and tested less than core language code even though in many cases it attempts to replace it.

Then, from a hacking perspective, Frameworks introduce new vulnerabilities. They mean you don't just have to target the OS, the language itself, or the individual application. You can also look for vulnerabilities in the framework provided code.
 
