User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Can you cure ASP - PHP Injection? $$$$$$ Page [1]  
potpot
All American
641 Posts
user info
edit post

ok Im not talking about SQL injection I'm talking about actual file injection. For example at the end of your php files you find some include to a javascript file on some other server. You erase the crazy code and then an hour later it come back.

Someone or something is actually access the machine and changing files and permission. Windows Small Business Server 2003. If you can cure it we can pay you.

AIM: mfetimine

11/15/2008 8:39:08 AM

qntmfred
retired
40726 Posts
user info
edit post

I think google has some tools to find holes where malware injects itself. Look at Matt Cutts blog, he's talked about it before. Feel free to pm me, I'm at a conference all day today but I'll get back to you

[Edited on November 15, 2008 at 10:41 AM. Reason : .]

11/15/2008 10:41:01 AM

Noen
All American
31346 Posts
user info
edit post

You just need to trace through your IIS access logs, you will find the injection point that way with just a little text searching.

Likely they exploited a vulnerable website, and injected a dashboard, then used that to start doing file and permissions attacks

11/16/2008 7:09:51 AM

smoothcrim
Universal Magnetic!
18966 Posts
user info
edit post

arbitrary file inclusion sir. you aren't sanitizing an input somewhere and/or you probably could use some locking down of your php.ini

[Edited on November 17, 2008 at 2:53 AM. Reason : they used an arbitrary file inclusion to upload code to create the symptoms you posted like ^ said]

11/17/2008 2:52:26 AM

 Message Boards » Tech Talk » Can you cure ASP - PHP Injection? $$$$$$ Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.