Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PHP Security

from [Greg Song] Network Security [Permanent Link]
Subject: Re: PHP Security
Date: Wed, 19 Mar 2008 14:02:45 +0900 
It includes iframe code. and also it was used to download malicious code.

iframe code is as below

iframe src="http://[IP ADDRESS]/help.htm]

Of cause there are other files.

I guess it started from 'check.js'.


Greg.


2008/3/19, Eric Marden <security@xentek.net>:

Are you saying that check.js was used in the attack? Does this file
call any remote files?


Eric Marden
xentek: enlightened internet solutions
http://xentek.net/

On Mar 17, 2008, at 7:58 PM, Greg Song wrote:

Hi all
Thesedays I'm analyzing the solarys system that using apache web
server and php. Of cause it hacked.
I could not find reason of some situation that the specified directory
are created over and over(it includes check.js)
Weblog record as below

xxx.xxx.xxx.xxx GET "/XXX/ahibix/check.js

Some pages can upload the file but it didn't work when I uploaded
some php file.
I'm wondering how it makes some directories.
Any suggestin,ideas.
Thanks all

----------------------------------------------------------------------
---
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats,
web application security assessments should be considered a crucial
phase in the development of any web application. What methodology
should be followed? What tools can accelerate the assessment
process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?
id=70170000000940F
----------------------------------------------------------------------
---




-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------




-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PHP Security, Eric Marden
Next by Date:  AW: web application scanning tool - any unsecure demo sites out t here to run them against?, Martin Muench
Previous by Thread:  Re: PHP Security, Eric Marden
Next by Thread:  Re: PHP Security, Greg Song
Indexes:  [Date] [Thread] [Top] [All Lists]