[nycphp-talk] Injection Attack, any ideas?
mikesz at qualityadvantages.com
mikesz at qualityadvantages.com
Wed Nov 7 07:23:32 EST 2007
Hello David,
Wednesday, November 7, 2007, 8:08:27 PM, you wrote:
> mikesz at qualityadvantages.com wrote:
>>
>> Here is the URL : http://cl1p.net/myexploitedcode/
>>
>> thanks, mikesz
> I am definitely not the code fashion police here, but I have quite some
> problems to figure out what the code does and from where it gets stuff. Some
> more comments other than a sequence of dashes makes ones life much easier,
> especially when coming back later to figure out why stuff went wrong. You
> didn't specify if it was your code, so blame the appropriate party. I make
> sure that I put some comment for at least every two lines. Even when I can't
> figure out what the code does I still know what it is supposed to do.
> I also wonder what the requires at the top do. Do they contain only static
> output or only functions? Or is there code executed before any of this script
> even comes into play. You may want to look in there as well.
> In regards to you problem....uhmmmm, I pass. You need to wait for some smarter
> people to respond.
> David
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
> __________ NOD32 2642 (20071106) Information __________
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
HA! I know its pretty awful! Sloppy is much too good to label it. That
is what I inherited. The hackers who did this stuff are on to bigger
and better with a whole range of social networking stuff not much
better than this ...
--
Best regards,
mikesz mailto:mikesz at qualityadvantages.com
More information about the talk
mailing list