Php officially published a Security Bulletin on its homepage, indicating that it may have been successfully intruded, but the source code has not been implanted with a backdoor. As a widely used development language, the security of the php source code is worrying. Recently, php officially announced that someone has successfully intruded into the official php server, php source code modification is successful.
Php officially published a Security Bulletin on its homepage, indicating that it may have been successfully intruded, but the source code has not been implanted with a backdoor. As a widely used development language, the security of the php source code is worrying. Recently, php officially announced that someone has successfully intruded into the official php server, php source code modification is successful.
Php officially published a Security Bulletin on its homepage, indicating that it may have been successfully intruded, but the source code has not been implanted with a backdoor. As a widely used development language, the security of the php source code is worrying. Recently, php officially announced that someone has successfully intruded into the official php server, it also successfully penetrated the php source code modification permission. Although the investigation showed that the intruders did not implant a backdoor, it showed that the php source code was at risk.
The initial message was submitted on the wooyun Security Information Report platform, and the original message was attached to the submitter.
The image shows that wiki.php.net has been infiltrated successfully.
The attacker successfully modified the php source code. What's interesting is that he left the wolegequ and ungeliveable words in phpinfo. It seems that he only tried to determine whether he could successfully modify the php source code, these words also indicate that they should be a domestic hacker. The people who submitted the information with the nickname BNE did not mention how they were obtained, nor did they respond to the official announcements correctly.
The most primitive announcement in http://www.wooyun.org/bugs/wooyun-2010-01635
Related News: PHP code sources are hacked!