phpgetter

Anon

Hello. Pardon the paranoid post, but I'm curious if anyone has heard of a script or program that allows malicious users to view the source of a php page (bypassing the php processor). I ask because I noticed the name "phpgetter" in my access logs. Thanks for your consideration.

-Vaughn
developer@sbcglobal.net

theslinky

I highly doubt it. PHP is processed on the server side before any output to the client is generated.

Perhaps the hacker is looking for .phps (php source), .txt or other files assuming you have stored an alternate copy of the file with a different extension...

Also, check to make sure that you have hidden .inc files (if you use the .inc extension for includes). Unless you specify explicitely in apache to hide files with the .inc extension, it will simply show those files as text files.

-sridhar

P.S. Perhaps the hacker is exploiting an apache exploit?? or maybe it's not a hacker at all!

Anon

Thanks. I realize that it's unlikely and that php is processed on the server side. I've also taken the usual precautions. Of course, "unlikely" isn't equivalent to "impossible" so I thought I'd ask. For someone to give the user_agent the name "phpgetter" sorta worried me. :-)