c99 php script
Posted: Tue May 25, 2010 5:06 pm
I logged into my client's server the other day and to my surprise there were several suspicious files there I'd never seen before! The scariest of which was a file called testc99.php. Looking at it in a browser was even scarier than looking at it in code. It gave anyone access to my work. After reading up on "Remote File Inclusion", which is often associated with this file, I'm completely confused. First of all, nowhere in my 60k+ lines of code do I use a $_GET variable to include files in the way that remote file inclusion describes. Second of all, I want to know how it was uploaded to the root directory of the web page. In my site, everything uploaded from within the site goes to one or another subfolder, but this script was uploaded directly to the same folder as the index of the whole site. Any clues as to how that was accomplished?