Re: [PHP] Hack question

2008-04-18 Thread Jim Lucas
Al wrote: I'm still fighting my hack problem on one of my servers. Can anyone help me figure out what's the purpose of this code. The hack places this file in numerous dirs on the site, I assume using a php script because the owner is "nobody". I can sort of figure what is doing; but, I can'

Re: [PHP] Hack question

2008-04-17 Thread Daniel Brown
On Thu, Apr 17, 2008 at 8:15 AM, Al <[EMAIL PROTECTED]> wrote: > Can you explain this in more detail for me. Sounds like this code is > providing the entry point for the other hack code. It probably is, by reading the code from the malicious /tmp files (/tmp should not allow any execution, by

Re: [PHP] Hack question

2008-04-17 Thread Al
Can you explain this in more detail for me. Sounds like this code is providing the entry point for the other hack code. Greg Bowser wrote: I can sort of figure what is doing; but, I can't figure out what the hacker is using it for. It will allow him to upload and execute arbitrary code on

Re: [PHP] Hack question

2008-04-16 Thread Jim Lucas
Al wrote: I'm still fighting my hack problem on one of my servers. Can anyone help me figure out what's the purpose of this code. The hack places this file in numerous dirs on the site, I assume using a php script because the owner is "nobody". I can sort of figure what is doing; but, I can'

Re: [PHP] Hack question

2008-04-16 Thread Daniel Brown
On Wed, Apr 16, 2008 at 12:13 PM, Al <[EMAIL PROTECTED]> wrote: > I'm still fighting my hack problem on one of my servers. Can anyone help me > figure out what's the purpose of this code. The hack places this file in > numerous dirs on the site, I assume using a php script because the owner is > "

Re: [PHP] Hack question

2008-04-16 Thread Greg Bowser
> I can sort of figure what is doing; but, I can't figure out what the hacker > is using it for. It will allow him to upload and execute arbitrary code on your server. Generally speaking, arbitrary code execution is a bad thing. :). -- PHP General Mailing List (http://www.php.net/) To unsubscr

Re: [PHP] Hack question

2008-04-16 Thread Aschwin Wesselius
Al wrote: I'm still fighting my hack problem on one of my servers. Can anyone help me figure out what's the purpose of this code. The hack places this file in numerous dirs on the site, I assume using a php script because the owner is "nobody". I can sort of figure what is doing; but, I can'

Re: [PHP] Hack question

2008-04-16 Thread Aschwin Wesselius
Al wrote: I'm still fighting my hack problem on one of my servers. Can anyone help me figure out what's the purpose of this code. The hack places this file in numerous dirs on the site, I assume using a php script because the owner is "nobody". I can sort of figure what is doing; but, I can'