On Dec 17, 2007 11:27 AM, Jeremy Mcentire <jmcentire@xxxxxxxxxx> wrote:
> Wait, I'm confused. Did PHP send a virus to your computer without
> action on your part? That'd be scary. If you downloaded something,
> was the checksum not published for you to verify your download prior
> to unpacking it? That's always a warning worthy of apprehension.
> What was the "PHP-Back-door Trojan" exactly?

Here's what is going on, from start to finish, for anyone who may be concerned:

1.) Wolf's server was breached (or attempted) by a couple of wannabes and script kiddies.
2.) He tar'ed and gZip'ed the malicious PHP scripts, after renaming them to .phps (source) scripts for you to view.
3.) When you download the gZip'ed tarballs, they contain the PHP source code in a .phps, as expected.
4.) Any scans of those files COULD and SHOULD indicate that they are exploits --- BECAUSE THEY ARE.
5.) Some of you may not have chosen to fully read the page telling you what they are prior to downloading.
6.) If Step 5 applies to you, that is YOUR FAULT, not Wolf's.

I didn't find it all that difficult to read the two paragraphs or so prior to downloading. In fact, I find that I rather enjoy doing that so I know what the hell I'm downloading in the first place, before blindly downloading some code. ;-P

--
Daniel P. Brown
[Phone Numbers Go Here!]
[They're Hidden From View!]

If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you.

--
PHP General Mailing List (http://www.php.net/)