[RESOLVED] how can hackers use fsockopen to hack a site?

Zpixel

is fsockopen an efficient tool for hackers?
i tested fsockopen on my site,just the result of php pages is returned.
can hackers get the source code?
how can hackers use fsockopen to hack a site?

laserlight

i tested fsockopen on my site,just the result of php pages is returned.
can hackers get the source code?

If the web server fails to invoke the PHP interpreter to parse the PHP script, then fsockopen, and indeed any way of accessing the page, would return the PHP source code. This is one reason why sensitive data like database connection details should be kept outside of the web space.

how can hackers use fsockopen to hack a site?

Crackers/hackers can exploit bugs in programs, such as web servers, listening over the network. They do not have to use fsockopen() from PHP, of course, and by itself it is not enough since it only opens a connection, but I think I have said enough. Do your own research.

Zpixel

This is one reason why sensitive data like database connection details should be kept outside of the web space.

what does meen "outside of the web space".
how does it occure?

laserlight

what does meen "outside of the web space".

Not within the document root (e.g., public_html directory).

Zpixel

Thanks.