OM2 Posted February 17, 2011 Share Posted February 17, 2011 Can someone advise me how to check for malicious PHP code? If I download a script from somewhere, how can I make sure it's not malicious? If bad, maybe it could delete files?? Or send spam? Or EVEN 'send home' code - so that they can track your usage - OK if I consent - not OK if haven't consented and they're doing it sneakily! Sending spam has been a problem when installing Joomla plugins Are there specific commands I should watch out for in PHP scripts? Like send mail or something? I'm sure the baddies would be clever and maybe use IP numbers to send out to instead of domain names? Is there a PHP code checker online? Something that tells you what your PHP script does? Simple things: like tell you if it sends out mail or makes contact outside or deletes files This would be great - it would save a lot of time going through hundreds/thousands of lines of code Thanks OM Quote Link to comment Share on other sites More sharing options...
btherl Posted February 17, 2011 Share Posted February 17, 2011 I a programmer who could look through code, checking for anything malicious. But I don't. Instead I only use code that is well known, and does not have any negative feedback when searched for in Google. The other big advantage of this approach is that you only get mature software. As for checking the code, there are many ways to do actions like "open a file" or "send a mail". You can look for the common functions like mail() and file_get_contents(), but that will not give you any guarantees. Here are some of the functions you would be looking for: http://php.net/manual/en/ref.filesystem.php http://php.net/manual/en/ref.mail.php But you could easily miss some like these: http://au2.php.net/manual/en/ref.dio.php http://au2.php.net/manual/en/ref.exec.php http://au2.php.net/manual/en/book.pcntl.php http://au2.php.net/manual/en/book.stream.php Quote Link to comment Share on other sites More sharing options...
OM2 Posted February 17, 2011 Author Share Posted February 17, 2011 hmmm... to be honest, i find that odd that there aren't tools that u can use to check the joomla plugins were an amazing amount of trouble - our server got black listed 3 times in 18 months i'm not a hardcore programmer, but i can think of a multitude of ways in which malicious code could be hidden i won't bother going into details how though Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.