CLI analysis of hacked php.net

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://www.netresec.com/?page=Blog&month=2013-10&post=Command-line-Forensics-of-hacked-PHP-net

Regards,

dtb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSbxOZAAoJEMP+wtEOVbcdhHYH/1MoRz9Fc1YxgoJ0y9cWjkH/
iUYIPRTNaI2jNdNuMYVTeBazJbgMBcdvEmsBx06rxuONaOZVjEoY71zkfTBYeYwy
aW5E1VovoBBKx+jV23iXngdJ0iywtz5m8reyhki3GyiGjBXAXqFoaRdGKL5OltP5
pNab//vQuIEfyvyuVI2UTtHIgqhyMv75+PjkcMRbXxToNenkyn0LX+mMVEWZWkkk
X5VIMYflWZTrWaJei7aw5Bbs3cDH5RTOtARMK1lTxLYRVOKO4mrceFmyrpKjgOdb
IpIMPruuXYpyX60SvSGGSHoYK1MlHBA8KH7fynSfekxOJdxK1wpPqn5afZaUS4k=
=tShk
-----END PGP SIGNATURE-----

=============================================================== From: James Nylen ------------------------------------------------------ Yay PHP! I'll just leave this here: http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/

=============================================================== From: Mike Harrison ------------------------------------------------------ Yeah, PHP sucks.. ABC-Pro++ or whatever is obviously much better. This rant is from a very talented programmer that started somewhere else = and has very specific expectations for behavior.=20 Alex is a Python purest and looks at the world throughout those glasses.=20= I love/hate PHP and do things on a scale, depth and breadth in it few = comprehend.. sometimes even me.=20 It's a useful tool. Learn how it works, respect some of the historical = oddities and go forward.=20 Like many programmers, Alex is interested in polishing his tools, not = building things.=20 I've seen real talent build web browsers in database languages, embedded = systems in line numbered basic,=20 email servers in a Macro Language (M4 was originally a text parsing = macro language and become: sendmail ) Today I fixed and wrote code in PHP, Perl, Expect, Java (AAaaack!) Bash = and JavaScript..=20 As for the exploit of php.net: I did not find a clear example of the = initial exploit.=20 http://barracudalabs.com/2013/10/php-net-compromise/ says it is still = unclear.=20 But it was an interesting, short and incomplete article.=20 Old programmers never die, their code just gets commented out.. PHP's = been around for a while, and will be.=20

=============================================================== From: William Roush ------------------------------------------------------ Sums up my opinion, language sucks for a long list of reasons, but if it's a web host I can bet it supports PHP, I can't bet it supports .Net/Java/Python/Ruby/etc. and deployment will be painfully easy. William Roush

=============================================================== From: Wil Wade ------------------------------------------------------ Just a note that PHP has been on the move again with 5.4, 5.5+ and has been taking the criticisms such as in this article and working toward corrections. A lot of people have the view of PHP 4 or even 5.2 (which is when this article was written) which is fairly different than the current 5.5.

=============================================================== From: Ed King ------------------------------------------------------ my favorite part:=A0 the dumb terminal logged into Cromemco DOS :)=0A=0A=0A= =0A