PHP CORE CODE WAS HACKED – I'm going to go vomit now



Download Podcast at:
iTunes – https://podcasts.apple.com/us/podcast/eli-the-computer-guy/id1526481218
Podbean – https://etcg.podbean.com
Spotify – https://open.spotify.com/show/00FRz8g7OkNZdR4WJpTZwr

Be My FRIEND at MeWe: https://mewe.com/i/elithecomputerguy

22 thoughts on “PHP CORE CODE WAS HACKED – I'm going to go vomit now

  1. You're blowing this way out of proportion. Some idiot tried to make a stupid hack and it was caught. Solutions were found and then implemented. This happens every day.

  2. Yeah how terrible, we'll have to be careful about not using a piece of malicious software, which people already are, not just suffer the mass destruction of economy and erosion of basic human rights.

  3. Imagine if a C compiler got compromised. What are you to do, go through the ASM line by line to make sure there aren't any extra undocumented "features" it added in?

  4. I'm not particularly surprised by an attempt at this kind of attack, but I certainly never gave it any significant consideration. I When I first started learning PHP, I used to do an excessive amount of validation all along the chain of calls that touched important data, or data that had come in from the user, but that was more as a consequence of me thinking dumb stuff like "yeah but what if that boolean got flipped for no apparent reason, or that string somehow became corrupted." It's kinda' funny when I stumble upon old code from ~15 years ago that survived on an old USB stick and I read it thinking to myself "why did I write all this crap?"

  5. I was wondering why a video about webprogramming in C on my channel got a lot of traction lately. I am not saying it is related, but you know. 🙂

  6. Bad news, but hearing The Computer Guy talk really detailed nerdy tech, instead of SJW bullshit?. My world makes a little more sense now.. Thank you for all you do Eli

  7. Sorry, but hacking php? In combination using ssl? Maybe different task to achieve. And ssl also varies. So not to be concerned? By the way? .htaccess also an option to secure web content. The combination, makes the difference. Troubling people, maybe a bad idea, if the backdoor maybe used as sort of honeypot and you are already aware that it is possibly there?

    Speaking of containers or maybe jails to run your servers. Isolated from the rest of your system.

    So, logfiles acutally make sence to check recently. to see what is going on.

    Guess what, people always try, to penetrate your system an the easy way could be, to ask how it works or read about it, to create an own space in the world wide web. And PHP? In which version? Maybe the gaps are already closed and speaking of backdoor? Using which port number to communicate? the same as for http? or https? An VPN between different routers? Cause the one your got by your phone company not acutally the best part of equipment, always updated an the thing you control the most, because of your experience.

    Like using a different Firewall like nftables or iptables or firewalld. Some are based on the same layer, other's work differently. Nextcloud always warning to use nginx. as webserver.

    Knowing to allow access only to specific files cause of the rules to access them.

    https://httpd.apache.org/docs/2.4/howto/htaccess.html

    And if you are to concerned? Use Gemini Server instead. Not quite comfortable, but people prefer it more, like to be overburden with commercials on a page. Even faster, transfering less data, only text. Cookie? Accept it or not, or get rid of it recently. Asking about the speed of a browser you have in use, it improves in speed.

  8. So MUCH wishful thinking 😀

    In PHP world people install frameworks with FULL!!!!!!!!!!! admin access to their database. Mentioning things like Views or Stored Procedure causes Senior Developer to have panic attacks.

    And even biger problem in the IT world is that those habits have moved to other languages and stacks.

  9. I knew about this exploit 7 years ago and still have a copy of php code that on the front end when the page was loaded would escalate privileges and allow file traverse into the parent folder of the actual server allowing access to every website hosted on that server. Opening a single file will reveal every one of the websites separate emails and usernames associated with logging into the hosting account control panels. The way I got my hands on the code was just miraculously running FTP on a hosted site I was hired to clear a few viruses and restore when I noticed a php file appear in the root folder which was not there a moment ago and bingo I caught the IP address and location of the hacker who was actually working on hacking the client right at the same time I was there to remove his code! Such luck because the tool was not even encrypted and trust that I was pretty good with php up to that point but nothing prepared me for reading code that could attack CHMOD from execution of php code written on a file rather than use of a shell to terminal access. Oddly it seems strange that regular php or python scripts run how would I assume that it is different at all than actual terminal commands. I bet CSS somehow has a way to do the same lol.

Leave a Reply

Your email address will not be published. Required fields are marked *