xorl %eax, %eax

News: phpMyFAQ Project Backdoored

with 3 comments

Heh… This week has more disclosed hacks and discovered backdoors than killed bug. :P

This one was disclosed by VUPEN Security and it’s about this PHP project. The backdoor is installed in releases 2.6.11 and 2.6.12 and it’s placed in getTopTen() function located in inc/Faq.php file. For completeness, here is the official VUPEN’s security advisory for this backdoor, and here is the project’s one.

Unfortunately, the backdoored version of the project was removed from the tubes and that’s why the hacked code isn’t part of this post. :(

If you have the source code of inc/Faq.php downloaded between December 4 and 15 and you want me to publish it here, drop me an email.

Written by xorl

December 16, 2010 at 20:31

Posted in hax, news

3 Responses

Subscribe to comments with RSS.

  1. If you get a complete backdoored archive, plz forward a copy to myself.

    Wireghoul

    December 17, 2010 at 03:43

  2. /me wonders why aren’t you writing a short sum about the backdoors/bugs which got planted in OCF 10 years ago

    Shift

    December 17, 2010 at 15:53

  3. @Wireghoul: Alright.

    @Shift: Well, like almost everyone I’m aware of just two susceptible patches in the OpenBSD’s Cryptographic Framework (if this is what you mean by OCF). If it turns out to be valid backdoors I’ll write about them too.

    xorl

    December 17, 2010 at 17:54


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s