On Thu, May 31, 2012 at 1:21 PM, Tedd Sperling <tedd@xxxxxxxxxxxx> wrote:
>
> So, my question to the group -- has PHP produced any viruses? If not, could it? If so, can anyone elaborate on the details?
To my own memory, viruses by definition, no. However, with that
said, there's tons of PHP malware, including self-replicating worms
that target certain vulnerabilities (such as known exploits in
versions of WordPress). In fact, one of the most common PHP-scripted
attacks on the web is against an individual script, which has been
packaged in with many other PHP applications - including WordPress -
over the years. The script, known as TimThumb, has an extremely
well-known vulnerability in past versions, which are still in
widespread use today.
The thing is, a PHP virus would be simple to write, so there
likely are a few out there. However, because a virus needs direct
interaction to spread it, it would be less effective than something
that is "set and forget" like a worm.
Conversely, there are worms written in PHP that then inject
JavaScript into PHP/HTML files and, usually using an iframe, attempt
to force a malicious file to be downloaded by the user, who may or may
not believe the interaction to be legitimate. Still, since PHP isn't
a client-side application, and - aside from a precompiled binary to
match the target operating system - requires the PHP parser to be
present and configured, as well as execution of the script to be
initiated by the user or a predictable automated process, it's
unlikely that a PHP virus (again, by definition) would see enough
success to make it worthwhile to the author.
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
