Search files phpinfo.php, part 3
I repeated the experiment to search for phpinfo.php files , adding info.php and php.php files to the check.
37,056 sites of the Runet were investigated, of which 3,787 found phpinfo.php, info.php or php.php files with the phpinfo function (~ 10.22%).
Similar verification of foreign sites: studied 164,288 sites, phpinfo.php, info.php or php.php found at 7.944 (~ 4.84%).
Side effect of the study, PHP version statistics
')
Detailed statistics on PHP versions.
Statistics on file names.
Some sites found two files, so the amount of files does not match the number of sites.
The list of Russian sites is taken from Yandex.Catalog, the list of foreign sites from DMOZ.
Hacking the site begins with the collection of information about the server!
% username%, and you deleted the phpinfo.php file (php.php, temp.php, test.php) from your site?
37,056 sites of the Runet were investigated, of which 3,787 found phpinfo.php, info.php or php.php files with the phpinfo function (~ 10.22%).
Similar verification of foreign sites: studied 164,288 sites, phpinfo.php, info.php or php.php found at 7.944 (~ 4.84%).
Side effect of the study, PHP version statistics
')
| Version | Runet | Bourgeois | ||||
|---|---|---|---|---|---|---|
| 5.3 | 423 | 11.17% | + 3.67% | 935 | 11.77% | + 4.51% |
| 5.2 | 2421 | 63.93% | -0.12% | 5059 | 63.68% | + 0.87% |
| 5.1 | 196 | 5.18% | -1.20% | 744 | 9.37% | -1.73% |
| 5.0 | 14 | 0.37% | + 0.12% | 46 | 0.58% | -0.28% |
| 4.4 | 586 | 15.47% | -1.30% | 845 | 10.64% | -2.10% |
| 4.3 | 140 | 3.70% | -1.16% | 298 | 3.75% | -1.21% |
| 4.2 | five | 0.13% | -0.02% | 13 | 0.16% | -0.08% |
| 4.1 | 2 | 0.05% | four | 0.05% | + 0.01% | |
| 3787 | 7944 | |||||
Detailed statistics on PHP versions.
| Version | Runet | Bourgeois | ||||
|---|---|---|---|---|---|---|
| 5.3.8 | 109 | 2.88% | + 2.88% | 194 | 2.44% | + 2.44% |
| 5.3.7 | four | 0.11% | + 0.11% | 2 | 0.03% | + 0.03% |
| 5.3.6 | 76 | 2.01% | + 0.34% | 278 | 3.50% | + 2.04% |
| 5.3.5 | 54 | 1.43% | -0.24% | 111 | 1.40% | -0.26% |
| 5.3.4 | eight | 0.21% | + 0.06% | 24 | 0.30% | -0.24% |
| 5.3.3 | 111 | 2.93% | + 0.82% | 180 | 2.27% | + 0.39% |
| 5.3.2 | 52 | 1.37% | -0.05% | 112 | 1.41% | + 0.19% |
| 5.3.1 | 6 | 0.16% | -0.14% | 21 | 0.26% | -0.06% |
| 5.3.0 | 3 | 0.08% | -0.12% | 13 | 0.16% | -0.02% |
| 5.2.17 | 806 | 21.28% | + 5.15% | 2210 | 27.82% | + 10.41% |
| 5.2.16 | 31 | 0.82% | -0.46% | 205 | 2.58% | -1.40% |
| 5.2.15 | 3 | 0.08% | -0.66% | 20 | 0.25% | -2.45% |
| 5.2.14 | 154 | 4.07% | -0.45% | 354 | 4.46% | -2.96% |
| 5.2.13 | 102 | 2.69% | 307 | 3.86% | -2.41% | |
| 5.2.12 | 362 | 9.56% | -1.08% | 157 | 1.98% | + 0.02% |
| 5.2.11 | 84 | 2.22% | -0.87% | 306 | 3.85% | + 1.73% |
| 5.2.10 | 179 | 4.73% | + 0.71% | 148 | 1.86% | -0.08% |
| 5.2.9 | 89 | 2.35% | -0.45% | 429 | 5.40% | -0.18% |
| 5.2.8 | 45 | 1.19% | -0.43% | 95 | 1.20% | -0.66% |
| 5.2.7 | one | 0.01% | -0.01% | |||
| 5.2.6 | 298 | 7.87% | -0.66% | 452 | 5.69% | -0.33% |
| 5.2.5 | 113 | 2.98% | -0.55% | 121 | 1.52% | -0.44% |
| 5.2.4 | 92 | 2.43% | -0.12% | 119 | 1.50% | -0.32% |
| 5.2.3 | nineteen | 0.50% | -0.23% | 40 | 0.50% | + 0.02% |
| 5.2.2 | 7 | 0.18% | -0.06% | 13 | 0.16% | + 0.02% |
| 5.2.1 | 7 | 0.18% | -0.11% | 24 | 0.30% | -0.10% |
| 5.2.0 | thirty | 0.79% | + 0.15% | 58 | 0.73% | -0.01% |
| 5.1.6 | 174 | 4.59% | -1.24% | 694 | 8.74% | -1.60% |
| 5.1.5 | one | 0.01% | -0.01% | |||
| 5.1.4 | eight | 0.21% | + 0.02% | 24 | 0.30% | -0.16% |
| 5.1.2 | 13 | 0.34% | + 0.05% | 21 | 0.26% | + 0.04% |
| 5.1.1 | one | 0.03% | -0.02% | 3 | 0.04% | + 0.02% |
| 5.1.0 | one | 0.01% | -0.03% | |||
| 5.0.5 | 2 | 0.05% | + 0.05% | 12 | 0.15% | -0.31% |
| 5.0.4 | 12 | 0.32% | + 0.07% | 28 | 0.35% | + 0.03% |
| 5.0.3 | 3 | 0.04% | -0.02% | |||
| 5.0.2 | 2 | 0.03% | + 0.01% | |||
| 5.0.1 | one | 0.01% | + 0.01% | |||
| 4.4.9 | 373 | 9.85% | -0.30% | 574 | 7.23% | -0.39% |
| 4.4.8 | 55 | 1.45% | -0.26% | 66 | 0.83% | -0.49% |
| 4.4.7 | 34 | 0.90% | -0.52% | 80 | 1.01% | -0.29% |
| 4.4.6 | 6 | 0.16% | + 0.01% | 13 | 0.16% | -0.04% |
| 4.4.5 | one | 0.03% | -0.02% | one | 0.01% | -0.03% |
| 4.4.4 | 74 | 1.95% | -0.11% | 53 | 0.67% | -0.73% |
| 4.4.3 | 6 | 0.16% | + 0.01% | 9 | 0.11% | -0.03% |
| 4.4.2 | sixteen | 0.42% | -0.07% | 15 | 0.19% | -0.05% |
| 4.4.1 | 12 | 0.32% | -0.12% | 20 | 0.25% | + 0.01% |
| 4.4.0 | 9 | 0.24% | + 0.09% | 14 | 0.18% | -0.06% |
| 4.3.12 | one | 0.03% | -0.02% | |||
| 4.3.11 | sixteen | 0.42% | -0.17% | 50 | 0.63% | -0.51% |
| 4.3.10 | 49 | 1.29% | -0.42% | 74 | 0.93% | -0.29% |
| 4.3.9 | 49 | 1.29% | -0.47% | 109 | 1.37% | -0.33% |
| 4.3.8 | 2 | 0.05% | -0.05% | 7 | 0.09% | + 0.05% |
| 4.3.7 | one | 0.01% | -0.01% | |||
| 4.3.6 | four | 0.11% | + 0.06% | 6 | 0.08% | + 0.04% |
| 4.3.5 | one | 0.01% | -0.01% | |||
| 4.3.4 | five | 0.13% | + 0.03% | 15 | 0.19% | -0.13% |
| 4.3.3 | 3 | 0.08% | + 0.08% | 9 | 0.11% | -0.03% |
| 4.3.2 | 6 | 0.16% | -0.23% | 21 | 0.26% | + 0.04% |
| 4.3.1 | 3 | 0.08% | + 0.03% | 2 | 0.03% | -0.03% |
| 4.3.0 | 2 | 0.05% | 3 | 0.04% | ||
| 4.2.3 | four | 0.11% | -0.04% | 7 | 0.09% | -0.03% |
| 4.2.2 | one | 0.03% | + 0.03% | five | 0.06% | -0.06% |
| 4.2.1 | one | 0.01% | + 0.01% | |||
| 4.1.2 | 2 | 0.05% | 3 | 0.04% | + 0.02% | |
| 4.1.1 | one | 0.01% | -0.01% | |||
| 3787 | 7944 | |||||
Statistics on file names.
| File | Runet | Bourgeois | ||
|---|---|---|---|---|
| phpinfo.php | 2024 | 50.42% | 5230 | 62.46% |
| info.php | 1681 | 41.88% | 2829 | 33.79% |
| php.php | 309 | 7.70% | 314 | 3.75% |
| 4014 | 8373 | |||
Some sites found two files, so the amount of files does not match the number of sites.
The list of Russian sites is taken from Yandex.Catalog, the list of foreign sites from DMOZ.
Hacking the site begins with the collection of information about the server!
% username%, and you deleted the phpinfo.php file (php.php, temp.php, test.php) from your site?
Source: https://habr.com/ru/post/131007/
All Articles