Facebook Hacking | Hacking Tools | Facebook Hacking Tool | Twitter Hacking | Crash Website | Hack Gmail Account
Home / Website hacking / PHP.net Wiki Server Hacked

PHP.net Wiki Server Hacked

Posted by Deepanker Verma Tuesday, March 22, 2011 0 comments

PHP.net Wiki Server Hacked

The php.net team announced that the server of the php.net developer wiki has been hacked by unidentified attackers who stole account credentials. Based on the results of a preliminary investigation, the point of entry was a vulnerability in the DokuWiki software used on the platform. The attackers then managed to obtain root privileges on the device by exploiting a local Linux privilege escalation vulnerability.

The biggest concern following the incident was that stolen developer credentials might have been used to alter the official php source code. Because of this, a code audit which reviewed all commits since version 5.3.5 has been performed. Fortunately, no tampering was detected.
There was a brief period when rumors about a backdoor being injected into the code by a Chinese hacker were circulated. 
These were based on a blog post dated March 18, but apparently concerned an incident that occurred in December 2010 when a hacker managed to perform a rogue code commit using PHP developer Hannes Magnusson's credentials.
The modification was not malicious and consisted of only adding a name to a credits file. The commit was promptly detected and reverted at the time.
As precaution, the php.net team completely wiped the compromised wiki server and will force a password change for all repository accounts. Developers should also change their password in other locations where they might have used it.
PHP.net is not the first big open source project to fear code tampering or have one of its infrastructure servers was compromised by hackers.


SOURCE
Categories: , ,

If You Like This Post, Share it With Your Friends


Subscribe us to receive free updates in your inbox:


0 comments:

Post a Comment

Featured FREE Resource:
X




Security Tools

Loading...
Share
Get This

About Me

My Photo
Deepanker Verma
I am Deepanker Verma. A computer geek, Security researcher blogger and software developer. I have deep interest and Information security and web development and try to learn new things. you will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.

You can add me to circles to get my daily tips :)

View my complete profile

Partners

Blog Archive

Copyright © Hacking Tricks. All rights reserved. Blogger template designed by BLog Bamz