<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=c2b813f4-3247-4f6a-bc38-9a082bc7923f' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=c2b813f4-3247-4f6a-bc38-9a082bc7923f' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618281995222563&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-1618281995222563 -->

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Playfair+Display&family=Indie+Flower&family=Open+Sans&family=Poppins"></head><body>

PHP Users Database got Hacked in Recent Source Code Attack

The developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all passwords.

Admin

April 08, 2021

PHP developer Nikita Popov posted details of an incident involving a hacking of the official PHP Git repository at the end of last month.

“We no longer believe that the git.php.net server has been compromised. However, there is a possibility that the master.php.net user database will be leaked. Master.php.net is used for authentication and various management tasks, ”explained Nikita Popov, the PHP language developer.

Recall that on March 28 of this year, unknown persons added malicious commits to the PHP repository, disguised as PHP developers Rasmus Lerdorf and Nikita Popov. The commits were offered under the guise of typographical fixes, but in fact changed the PHP source code to implement a remotely managed backdoor.

“Git.php.net supports pushing changes not only over SSH (using the Gitolite framework and public key cryptography), but also over HTTPS. Instead of Gitolite, we used git-http-backend to authenticate Apache 2 Digest to the master.php.net user database, ”Popov explained.

Investigating the incident revealed that the commits were added to the repository via HTTPS and "password-based authentication".

As Popov noted, the attacker made only a few attempts to guess the logins and successfully logged in after finding the correct one. The developer believes that the master.php.net user database has been compromised, but it remains unknown why the attacker had to guess the logins in this case.

For security purposes, the developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all existing passwords. As Popov noted, now all passwords are stored using the bcrypt algorithm.

Read Also

Share:

You may like these posts Show all

Post a Comment

<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/1807328581-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY5YzJHsN0kO_AtPRszhv_0fivD18g:1714084959692';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d3448621598664628523','//www.cyberkendra.com/2021/04/php-users-database-got-hacked-in-recent.html','3448621598664628523');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '3448621598664628523', 'title': 'Cyber Kendra', 'url': 'https://www.cyberkendra.com/2021/04/php-users-database-got-hacked-in-recent.html', 'canonicalUrl': 'https://www.cyberkendra.com/2021/04/php-users-database-got-hacked-in-recent.html', 'homepageUrl': 'https://www.cyberkendra.com/', 'searchUrl': 'https://www.cyberkendra.com/search', 'canonicalHomepageUrl': 'https://www.cyberkendra.com/', 'blogspotFaviconUrl': 'https://www.cyberkendra.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': 'G-YN9DJXCC22', 'analytics4': true, 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Cyber Kendra - RSS\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/3448621598664628523/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/3815195514636074404/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseClientId': 'ca-pub-1618281995222563', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/111cb1309c0430aa', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '3815195514636074404', 'postImageThumbnailUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR19CAC_Fq4bWYT41dR_uYnVq7qLBXaGyZP3gjrg8rkPe2eB9QB5T4BQGOGoPZgNelh6aqd1EO6bwptryGCr3XSsH2uwxiWt1T2WZmGBTB7M1JdgcE2la6U2uVk7EYGx2LHod3Z2WAniY/s72-w640-c-h360/main-qimg-2cda50c6c60c45ddf835e05edf2a01e0+%25281%2529.webp', 'postImageUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR19CAC_Fq4bWYT41dR_uYnVq7qLBXaGyZP3gjrg8rkPe2eB9QB5T4BQGOGoPZgNelh6aqd1EO6bwptryGCr3XSsH2uwxiWt1T2WZmGBTB7M1JdgcE2la6U2uVk7EYGx2LHod3Z2WAniY/w640-h360/main-qimg-2cda50c6c60c45ddf835e05edf2a01e0+%25281%2529.webp', 'pageName': 'PHP Users Database got Hacked in Recent Source Code Attack', 'pageTitle': 'Cyber Kendra: PHP Users Database got Hacked in Recent Source Code Attack', 'metaDescription': 'The developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all passwords.'}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'PHP Users Database got Hacked in Recent Source Code Attack', 'description': 'The developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all passwords.', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR19CAC_Fq4bWYT41dR_uYnVq7qLBXaGyZP3gjrg8rkPe2eB9QB5T4BQGOGoPZgNelh6aqd1EO6bwptryGCr3XSsH2uwxiWt1T2WZmGBTB7M1JdgcE2la6U2uVk7EYGx2LHod3Z2WAniY/w640-h360/main-qimg-2cda50c6c60c45ddf835e05edf2a01e0+%25281%2529.webp', 'url': 'https://www.cyberkendra.com/2021/04/php-users-database-got-hacked-in-recent.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 3815195514636074404}}, {'name': 'widgets', 'data': [{'title': 'Template Code (Do not disable)', 'type': 'HTML', 'sectionId': 'settings', 'id': 'HTML6'}, {'title': 'Cyber Kendra (Header)', 'type': 'Header', 'sectionId': 'header', 'id': 'Header1'}, {'title': 'Social Media Link', 'type': 'LinkList', 'sectionId': 'section', 'id': 'LinkList1'}, {'title': '', 'type': 'HTML', 'sectionId': 'header_bottom_widget', 'id': 'HTML3'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'main', 'id': 'Blog1', 'posts': [{'id': '3815195514636074404', 'title': 'PHP Users Database got Hacked in Recent Source Code Attack', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR19CAC_Fq4bWYT41dR_uYnVq7qLBXaGyZP3gjrg8rkPe2eB9QB5T4BQGOGoPZgNelh6aqd1EO6bwptryGCr3XSsH2uwxiWt1T2WZmGBTB7M1JdgcE2la6U2uVk7EYGx2LHod3Z2WAniY/w640-h360/main-qimg-2cda50c6c60c45ddf835e05edf2a01e0+%25281%2529.webp', 'showInlineAds': false}], 'footerBylines': [{'regionName': 'footer1', 'items': [{'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'On'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}]}, {'regionName': 'footer2', 'items': [{'name': 'labels', 'label': ''}]}], 'allBylineItems': [{'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'On'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}, {'name': 'labels', 'label': ''}]}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'top_ads', 'id': 'HTML90'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_2', 'id': 'HTML93'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'matched_content_ads', 'id': 'HTML7'}, {'title': 'Trending!', 'type': 'PopularPosts', 'sectionId': 'sidebar', 'id': 'PopularPosts1', 'posts': [{'title': ' Pirate Bay Proxy List 2024: Unblock The Pirate bay33 [April Updated]', 'id': 7709902560608743927}, {'title': '1337x Proxy List 2024: Your Guide to Safe and Legal Torrenting', 'id': 1078991593587710032}, {'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'Convert SQL Server to MySQL - Important Things to Consider', 'id': 1772728232949461230}, {'title': 'The Dos And Don\u2019ts Of Building Effective External Links', 'id': 2066265753436086049}, {'title': 'ExtraTorrents Proxy List 2024 To Unblock Extratorrent', 'id': 7687163451941064055}]}, {'title': 'Table of Contents', 'type': 'HTML', 'sectionId': 'toc_auto', 'id': 'HTML8'}, {'title': 'Follow Us', 'type': 'LinkList', 'sectionId': 'footer_widgets', 'id': 'LinkList10'}]}]);
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'settings', document.getElementById('HTML6'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HeaderView', new _WidgetInfo('Header1', 'header', document.getElementById('Header1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList1', 'section', document.getElementById('LinkList1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML3', 'header_bottom_widget', document.getElementById('HTML3'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML90', 'top_ads', document.getElementById('HTML90'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML93', 'middle_ads_2', document.getElementById('HTML93'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML7', 'matched_content_ads', document.getElementById('HTML7'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts1', 'sidebar', document.getElementById('PopularPosts1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML8', 'toc_auto', document.getElementById('HTML8'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'footer_widgets', document.getElementById('LinkList10'), {}, 'displayModeFull'));
</script>
</body>