
PHP User Database Got Hacked in Recent Source Code Attack

The developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all passwords.


PHP developer Nikita Popov posted details of the incident at the end of last month in which the official PHP Git repository was hacked.

“We no longer believe that the git.php.net server has been compromised. However, there is a possibility that the master.php.net user database will be leaked. Master.php.net is used for authentication and various management tasks,” explained Nikita Popov, the PHP language developer.

Recall that on March 28 of this year, unknown persons added malicious commits to the PHP repository while posing as PHP developers Rasmus Lerdorf and Nikita Popov. The commits were presented as typo fixes, but in fact changed the PHP source code to implement a remotely managed backdoor.

“Git.php.net supports pushing changes not only over SSH (using the Gitolite framework and public key cryptography), but also over HTTPS. Instead of Gitolite, we used git-http-backend to authenticate Apache 2 Digest to the master.php.net user database,” Popov explained.

Investigating the incident revealed that the commits were added to the repository via HTTPS and "password-based authentication".

As Popov noted, the attacker made only a few attempts to guess the logins and successfully logged in after finding the correct one. The developer believes that the master.php.net user database has been compromised, but it remains unknown why the attacker had to guess the logins in this case.
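The pattern described above (a few wrong user names over HTTPS, then a successful push) can be searched for in the web server's access log. The following is an added example, not code from the PHP project or the original article; it assumes Apache combined log format, where the user field carries the client-supplied name even on a 401, and the repository path, user names and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed Apache combined-log lines (documentation IPs, made-up users and repo).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2030:10:00:01 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 401 381
198.51.100.7 - alice [01/Jan/2030:10:00:02 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 200 412
198.51.100.7 - alice [01/Jan/2030:10:00:03 +0000] "POST /project.git/git-receive-pack HTTP/1.1" 200 95
203.0.113.9 - - [01/Jan/2030:11:00:00 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 401 381
203.0.113.9 - jdoe [01/Jan/2030:11:00:01 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 401 381
203.0.113.9 - john.doe [01/Jan/2030:11:00:02 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 401 381
203.0.113.9 - johnd [01/Jan/2030:11:00:03 +0000] "GET /project.git/info/refs?service=git-receive-pack HTTP/1.1" 200 412
203.0.113.9 - johnd [01/Jan/2030:11:00:04 +0000] "POST /project.git/git-receive-pack HTTP/1.1" 200 95
"""

# client IP, remote user, method, path, status
LINE_RE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})\b')


def find_guess_then_push(log_text, min_failed_users=2):
    """Return (ip, pushing_user, failed_user_names) for each HTTPS push that
    follows failed logins under several other user names from the same IP."""
    failed = defaultdict(set)   # ip -> user names rejected with 401
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, user, method, path, status = m.groups()
        if "git-receive-pack" not in path:   # only the push endpoints
            continue
        if status == "401":
            # user "-" is the normal unauthenticated Digest challenge, not a guess
            if user != "-":
                failed[ip].add(user)
        elif method == "POST" and status.startswith("2") and user != "-":
            tried = failed[ip] - {user}
            if len(tried) >= min_failed_users:
                alerts.append((ip, user, sorted(tried)))
                failed[ip].clear()
    return alerts


if __name__ == "__main__":
    for ip, user, tried in find_guess_then_push(SAMPLE_LOG):
        print(f"{ip}: push as {user!r} after failed logins as {tried}")
```
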

For security purposes, the developers have moved master.php.net to the new main.php.net system with TLS 1.2 support, and also reset all existing passwords. Popov also noted that all passwords are now stored using the bcrypt algorithm.
