
PHP Vulnerability?

  • Atryeu
    Message 1 of 1 , Oct 2, 2006
      Hi there!

      I am new to this group. The last php group I was in has been overrun
      with spam and does not seem to be very helpful anymore, so I hope
      somebody here can help me out!

      I do not know very much php at all currently. I started out by using
      the Includes code on an old site of mine. I liked using php for my
      website a lot better so I have stuck with it over the years and
      never really had any problems.

      I signed into my server through FTP yesterday to make a few changes
      with one of my sites. Inside of a folder, I noticed there were 2
      extra files that should not have been there. One was an index.html
      file and the other was a .php file (I do not recall the name, I
      forgot to write it down) that contained code for some sort of a
      virus. I am trying to figure out if there is a vulnerability on my
      site I do not know about and I am hoping somebody here can help me
      figure this out.

      The files were found in a folder that should have only contained 1
      single html document where I put my list of updates/changes to my
      site for visitors to see. This file is linked to the main site
      through a basic PHP Includes code. There is NO reference to the
      folder that file is in whatsoever in any area of my website other
      than in the actual source code file.

      My Includes code for the file looked like this:
      <?php include ("news/news.html");?>

      My source code (minus all of the extra html and text for the site)
      looks like the following:
      -------------------------
      <? include("header.php"); ?>

      <?

      if(!$_SERVER['QUERY_STRING']) { ?>

      Homepage Code Here

      <? } elseif ($_SERVER['QUERY_STRING'] == "news") { ?>

      <br><br>
      <?php include ("news/news.html");?>
      <br><br>

      <? } include("footer.php"); ?>
      ------------------------------

      There are of course more ElseIf statements in the source as well.
      The header and footers contain no further php script, only html, css
      and a little javascript for a counter code.

      I also have a php form mail script on my site (called Mailite) but
      it cannot upload files and I am doubting it had anything to do with
      this. I am also pretty certain they did not figure out my password
      as it is a very long annoying password that even I can't seem to
      memorize (I have changed it anyway though to be on the safe side),
      which leaves me thinking it had something to do with the PHP coding
      on the site, revolving around the news file there.

      Does anybody have any suggestions or advice for me? I seem to have
      become a target for some reason. I already have had to remove my
      little news script I've been using for the last 5 years or so
      because somebody was using it to attack the server and now this
      happens. I would like to make sure my site is secure from further
      attacks. I do not keep sensitive data in any of the codes and I am
      not using any databases with my site, but I would like to keep
      myself from being forced off the server because some idiot thinks
      this is funny :(

      Thank you!
      - Jennifer
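
The message describes a folder that should hold a single file and turned out to hold two more. The following is an added example, not code from the original post, of a script that lists every file outside an expected set; it assumes the script is placed in the site root next to `news/`, and the names `$expected` and `audit_dir` are hypothetical.

```php
<?php
// Added example, not part of the original post.
// Assumption: per the post, news/ should contain only news.html.
$expected = ['news' => ['news.html']];

// Return every file under $dir that is not listed in $allowed.
// The modification time helps match the upload against FTP and web server logs.
function audit_dir(string $dir, array $allowed): array
{
    $findings = [];
    if (!is_dir($dir)) {
        return $findings; // nothing to audit if the folder is absent
    }
    $iter = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($iter as $file) {
        // Path relative to $dir, with forward slashes on every platform.
        $rel = str_replace('\\', '/', substr($file->getPathname(), strlen($dir) + 1));
        if (in_array($rel, $allowed, true)) {
            continue;
        }
        // lstat() does not follow symlinks, so a dangling link is still reported.
        $stat = @lstat($file->getPathname()) ?: ['mtime' => 0, 'size' => 0];
        $findings[] = [
            'path'     => $dir . '/' . $rel,
            'modified' => date('c', $stat['mtime']),
            'size'     => $stat['size'],
            // Script extensions in a content-only folder deserve a closer look.
            'script'   => (bool) preg_match('/\.(php\d?|phtml|phar)$/i', $rel),
        ];
    }
    return $findings;
}

foreach ($expected as $dir => $allowed) {
    foreach (audit_dir(__DIR__ . '/' . $dir, $allowed) as $f) {
        printf("%s UNEXPECTED %s (%d bytes, modified %s)\n",
            $f['script'] ? '[script]' : '[file]  ',
            $f['path'], $f['size'], $f['modified']);
    }
}
```

The reported modification times give a window to search for in the host's FTP and HTTP access logs, which is how the upload path can be identified.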