>NET programmer needs a PHP file interpreted
Posted: Fri Jun 18, 2010 4:53 pm
Hi Folks,
I am a .NET programmer so know very little about PHP.
One of my clients websites, built using .NET, was recently compromised and 2 folders containing a single PHP script were somehow added to the root of their site. The folders had gibberish names like "bkzrw" and "cftyu". The PHP scripts in both folders were exactly the same but had different file names.
I cant seem to upload the file as an attachment to this forum and I don't want to post the code directly in case it falls into the wrong hands so if anyone would like to help me further with this, please contact me and I will send you the PHP file.
This file may be malicious so PLEASE do not run it on your own machine. I would just like someone to browse the file via a text editor and interpret it that way if possible.
I have never had this type of thing happen before so I am interested to learn all I can about this to try and stop it from happening again.
If anyone has any information about how this may have happened, or has experienced something similar, I would also like to hear from you.
I appreciate your help.
Cheers
Kev
I am a .NET programmer so know very little about PHP.
One of my clients websites, built using .NET, was recently compromised and 2 folders containing a single PHP script were somehow added to the root of their site. The folders had gibberish names like "bkzrw" and "cftyu". The PHP scripts in both folders were exactly the same but had different file names.
I cant seem to upload the file as an attachment to this forum and I don't want to post the code directly in case it falls into the wrong hands so if anyone would like to help me further with this, please contact me and I will send you the PHP file.
This file may be malicious so PLEASE do not run it on your own machine. I would just like someone to browse the file via a text editor and interpret it that way if possible.
I have never had this type of thing happen before so I am interested to learn all I can about this to try and stop it from happening again.
If anyone has any information about how this may have happened, or has experienced something similar, I would also like to hear from you.
I appreciate your help.
Cheers
Kev