Watch out ...EXPLOIT (PHP) The step57 exploit is a PHP backdoor in CMS, WordPress, and now too many (PHP) apps to list. It is a tool used to send back browser/personal info. VERY SCARY for the end user. I am in the process of writing a fix for this exploit. I have an entire team working on this and they are ...."THE NEW PROJECT"..they caused a lot of grief so I plan to pay back the favor in a big way. If you know what script name he "plants" with or if you have any info on this ..post it ..I am on this PROJECT until it is solved. Please ..PM me if you need more details ..I have a lot of info dug up on this fake company. Maybe ALL of us united..CAN help stop these creeps. And if you think it happens to sloppy admins think again ..it managed to weasel into a HIGHLY secure system without any trouble. And if this gets to ..STEP 57 ....2 words .."TEAM AMERICA" ...LOL..comin for you.
The way it works is when an HTML or PHP file loads it also loads an additional 1px IFRAME that is appended to your script. Top or bottom, so far nothing in between. You can see the path is being redirected. In IE it is VERY noticeable and it keeps trying to connect to step57.info over and over again. I can take a look if you want, just PM me a link. I also have a fix for it!!! (see below) I ran a custom script on my myspace site that was just riddled with it and now it works perfectly. And it set the permissions right for the folders to 755. I then will set a cron job to get it done daily and add it to my CVS build to clean my osCommerce stores. So you can really take a good offensive stance here with this exploit with automation. I can offer the script I use to clean my systems if needed. I can have it updated as long as we all provide feedback as well. A simple donation will get it for free. The developer lost a cat today and he wants all donations to go to the humane society. You do not have to give however; save an animal for saving your server is a great way to work. The script: So far the only drawback is you have to run it on each domain and it also sets the permissions and writes a log file of what was changed. So it is pretty cool! I tried to get more domains at once but the "time out" was an issue with PHP. I even tried the global for no time out and it still did not work with more than one domain. Anyway PM ..me ..or post here, I can help…
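As an added defender-side example (not the poster's cleaning script and not code from the thread): a Python scanner that looks for the hidden 1px IFRAME the post describes, appended at the top or bottom of .php/.html files, and reports or strips it. The step57.info domain comes from the thread; the sample file content and the `scan_tree` docroot walk are constructed for illustration.

```python
import re
from pathlib import Path

# Domain named in the thread; any iframe pointing at it is treated as injected.
SUSPECT_DOMAIN = "step57.info"

# Matches an <iframe ...> tag and its (usually empty) closing tag.
IFRAME_RE = re.compile(r"<iframe\b[^>]*>\s*(?:</iframe>)?", re.IGNORECASE)
# width/height of 0 or 1 (px or unitless): the invisible "1px" frame from the post.
# The lookahead stops "1" from matching the start of "100".
TINY_RE = re.compile(
    r"\b(?:width|height)\s*=\s*['\"]?[01](?:px)?['\"]?(?![\w.%])", re.IGNORECASE)

def is_suspect(tag: str) -> bool:
    """Flag iframes that point at the known domain or are sized to be invisible."""
    return SUSPECT_DOMAIN in tag.lower() or bool(TINY_RE.search(tag))

def position(content: str, start: int, end: int) -> str:
    """The post reports injections at the top or bottom of the file; classify that."""
    if not content[:start].strip():
        return "top"
    if not content[end:].strip():
        return "bottom"
    return "middle"

def scan_text(content: str) -> list:
    """Return (position, tag) for every suspect iframe in the text."""
    return [(position(content, m.start(), m.end()), m.group(0))
            for m in IFRAME_RE.finditer(content) if is_suspect(m.group(0))]

def clean_text(content: str) -> tuple:
    """Strip suspect iframes; returns (cleaned_text, number_removed)."""
    removed = 0
    def repl(m):
        nonlocal removed
        if is_suspect(m.group(0)):
            removed += 1
            return ""
        return m.group(0)
    return IFRAME_RE.sub(repl, content), removed

def scan_tree(root: str, exts=(".php", ".html", ".htm")) -> dict:
    """Walk one docroot and report suspect iframes per file without modifying it."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in exts:
            hits = scan_text(path.read_text(errors="replace"))
            if hits:
                report[str(path)] = hits
    return report

# Constructed sample: a PHP page with a hidden frame appended at the bottom.
SAMPLE = ('<?php echo "hello"; ?>\n<html><body>ok</body></html>\n'
          '<iframe src="http://step57.info/x" width="1" height="1"></iframe>\n')

if __name__ == "__main__":
    for pos, tag in scan_text(SAMPLE):
        print(pos, tag)
```

Run `scan_tree` against a copy of the docroot first and review the report before letting `clean_text` rewrite anything from a cron job.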
WordPress: http://wordpress.org Great product ...the plugins/themes (skins) ...from what I see is the issue, not the software..anyone know any different?... do share. :0) Merry Xmas