[nycphp-talk] OpenID is what?
csnyder
chsnyder at gmail.com
Fri Oct 31 09:12:19 EDT 2008
On Fri, Oct 31, 2008 at 1:31 AM, <mikesz at qualityadvantages.com> wrote:
> That was essentially what the assumption was by the ISP, they think
> that the hacker got in using one of the folders that is required to be
> "writable" by the script for stuff like image processing and they
> speculated that having gotten in, they simply uploaded their junk to
> an obscure folder that contained a single php file. My problem with
> that theory is that they cannot produce the hack that let them into
> the system, like I would normally see something like this in my
> logfiles - /inc/design.inc.php?dir[inc]=http://www.etc

So the directory is writable by the script... what user does the script run as?
Are there other accounts on the server that can also execute scripts
as that user? If so, the access would be in their logs, not yours.
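
An added example, not part of the original message: a small scanner that checks access logs from several accounts on one server for the include-style request quoted above, showing how your own log can be clean while a neighbour's holds the hit. The vhost names, the Apache-style log format and all sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Common/combined log format: capture the client address and the request target.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+)[^"]*"')
# A parameter whose value is itself a remote URL is the include-style
# request the original poster expected to find in his logfiles.
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

def remote_include_hits(lines):
    """Return (client, path, param, value) for requests carrying a URL as a parameter value."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not well-formed access-log entries
        client, target = m.groups()
        parts = urlsplit(target)
        # parse_qsl percent-decodes, so http%3A%2F%2F... is caught as well
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if REMOTE_RE.match(value.strip()):
                hits.append((client, parts.path, name, value))
    return hits

def scan_vhosts(logs_by_vhost):
    """Map each vhost to its hits, so a clean log stands out against a neighbour's."""
    return {vhost: remote_include_hits(lines) for vhost, lines in logs_by_vhost.items()}

# Constructed sample data: two accounts on one shared server (documentation hosts/addresses).
SAMPLE_LOGS = {
    "mysite.example": [
        '198.51.100.7 - - [30/Oct/2008:22:14:03 -0400] "GET /index.php?page=2 HTTP/1.1" 200 5120',
        '198.51.100.7 - - [30/Oct/2008:22:14:09 -0400] "GET /gallery.php?ref=local HTTP/1.1" 200 2048',
    ],
    "neighbour.example": [
        '203.0.113.9 - - [30/Oct/2008:22:15:41 -0400] '
        '"GET /inc/design.inc.php?dir[inc]=http%3A%2F%2Fremote.example%2Fx.txt HTTP/1.1" 200 312',
        '203.0.113.9 - - [30/Oct/2008:22:16:02 -0400] "GET /about.php HTTP/1.1" 200 900',
    ],
}

if __name__ == "__main__":
    for vhost, hits in scan_vhosts(SAMPLE_LOGS).items():
        print(vhost, len(hits), hits)
```

On a real shared host only the provider can usually read every account's log, so a scan like this is something to ask the ISP to run across all vhosts that execute scripts as the same user.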