AW: AW: ANN: GLX2 3.05

stephen barncard stephenREVOLUTION2 at
Thu Jun 14 21:58:47 EDT 2012

these guys would pack a string of URLEncoded PHP code with no white space
into a global, then decode and call it. It was usually placed at the bottom
of one's document.


On Thu, Jun 14, 2012 at 6:39 PM, Andre Garzia <andre at> wrote:

> On Thu, Jun 14, 2012 at 10:20 PM, Mark Wieder <mwieder at
> >wrote:
> > ??? What possible good would changing the filetype be? Fortunately all
> > my .irev files are in cgi-bin lockers or otherwise inocuous, but I
> > can't imagine why someone would program a bot to change a non-php file
> > to a php type. Just in case it had executable php code? Weird.
> >
> If you change the filename to end in .php and enter a string like:
> <?php
> include "superhack.php"
> ?>
> in the beginning of the file or at the end, it will be guaranteed to run
> your hack. You can also make it download PHP code from a C&C URL, save it
> to a temp file and include it (include is PHP for execute), which is
> terribly dangerous.
> --
> -- All We Do Is Code.

Stephen Barncard
San Francisco Ca. USA

more about sqb  <>

More information about the Use-livecode mailing list