Php.net Resource Restored
Just yesterday I witnessed a disagreeable event, namely, the lack of access to php.net . What was soon written in the post http://habrahabr.ru/post/198816/ .
Today, access to the resource from Chrome and Firefox has been restored.
As far as I understood from the message on php.net from 10/24/13, the problem lay in the work of the userprefs.js file, which received the content with the wrong size, corrected it, and returned it after a couple of minutes. Google ran into one such change, which looked from the outside as something immoral, and from sin on thehead was further shot by the admin banned the site.
A little later, the administration unsubscribed that they still continue to work on the consequences of the failure. The team checked each server responsible for php.net and did find a couple of infected. Three affected servers are currently detected: www.php.net , static.php.net, git.php.net. It is noted that the hacking method is still not clear.
')
Currently, all vulnerable services have been migrated from these servers. The team checked the purity of the Git repository. At the time of the evening of 24/10/13, the resource was receiving a new SSL (the old one was recalled, since theoretically attackers could get access to it).
The report noted that the percentage of users who have been attacked is small (although they did not publish a specific number). The attack itself took place from 22 to 24 October.
As a preventive measure, all users of svn.php.net and git.php.net will reset passwords.
Today, access to the resource from Chrome and Firefox has been restored.
As far as I understood from the message on php.net from 10/24/13, the problem lay in the work of the userprefs.js file, which received the content with the wrong size, corrected it, and returned it after a couple of minutes. Google ran into one such change, which looked from the outside as something immoral, and from sin on the
A little later, the administration unsubscribed that they still continue to work on the consequences of the failure. The team checked each server responsible for php.net and did find a couple of infected. Three affected servers are currently detected: www.php.net , static.php.net, git.php.net. It is noted that the hacking method is still not clear.
')
Currently, all vulnerable services have been migrated from these servers. The team checked the purity of the Git repository. At the time of the evening of 24/10/13, the resource was receiving a new SSL (the old one was recalled, since theoretically attackers could get access to it).
The report noted that the percentage of users who have been attacked is small (although they did not publish a specific number). The attack itself took place from 22 to 24 October.
As a preventive measure, all users of svn.php.net and git.php.net will reset passwords.
Source: https://habr.com/ru/post/198970/
All Articles