hoopplaya4 Posted July 6, 2009 Share Posted July 6, 2009 Hi all, I have just a basic question: Can a MySQL Injection (of any sort) be used to modify/append code to an existing PHP file on one's server? For example, I found an extra line of code on a few php files on my test server which created an iframe (1x1 in size) pointing to a fake mirosoft site. Not sure if this is a co-worker pranking or result of MySQL injection. Thanks. Quote Link to comment Share on other sites More sharing options...
p2grace Posted July 6, 2009 Share Posted July 6, 2009 Only if the contents of the page are dynamically generated from the database... otherwise the server was hacked and the lines were added to the script in the actual file. Quote Link to comment Share on other sites More sharing options...
hoopplaya4 Posted July 6, 2009 Author Share Posted July 6, 2009 Okay, thanks. No, the "extra" code was hard-coded into the file. I've gone ahead and alerted my host provider's security team. Hopefully they will provide some further insight on the matter. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.