these guys would pack a string of URLEncoded PHP code with no white space into a global, then decode and call it. It was usually placed at the bottom of one's document.
sqb On Thu, Jun 14, 2012 at 6:39 PM, Andre Garzia <an...@andregarzia.com> wrote: > On Thu, Jun 14, 2012 at 10:20 PM, Mark Wieder <mwie...@ahsoftware.net > >wrote: > > > ??? What possible good would changing the filetype be? Fortunately all > > my .irev files are in cgi-bin lockers or otherwise inocuous, but I > > can't imagine why someone would program a bot to change a non-php file > > to a php type. Just in case it had executable php code? Weird. > > > > If you change the filename to end in .php and enter a string like: > > <?php > > include "superhack.php" > > ?> > > in the beginning of the file or at the end, it will be guaranteed to run > your hack. You can also make it download PHP code from a C&C URL, save it > to a temp file and include it (include is PHP for execute), which is > terribly dangerous. > > > -- > http://www.andregarzia.com -- All We Do Is Code. > Stephen Barncard San Francisco Ca. USA more about sqb <http://www.google.com/profiles/sbarncar> _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
