科技回声

Interesting! It might actually have a big impact, given how much in use the page is. And the target audience of php.net is likely to be a good target for keylogger attacks (SSH/SFTP logins and the like to development and production machines). It's certainly getting worse than I expected at first. Given how low the AV detection rate is, it would be interesting in how much impact the plugin exploits have for the overall installation base.

Site is a little sluggish, here's a render — <a href="http://i.imgur.com/IjbsN8v.jpg" rel="nofollow">http://i.imgur.com/IjbsN8v.jpg</a>

I was expecting a detailed account of how the server was compromised, although this account of the drive-by malware operating details was interesting too.

Is there any good way to tell if you've been compromised by this exploit?

Site is a little sluggish, here's a render — <a href="http://i.imgur.com/IjbsN8v.jpg" rel="nofollow">http://i.imgur.com/IjbsN8v.jpg</a>

I was expecting a detailed account of how the server was compromised, although this account of the drive-by malware operating details was interesting too.

Is there any good way to tell if you've been compromised by this exploit?

Analysis of yesterday's PHP.net exploit

4 条评论

Analysis of yesterday's PHP.net exploit

4 条评论