Help! Nginx Vulnerable Remote file inclusion
escavern
nginx-forum at nginx.us
Sat Dec 3 04:48:01 UTC 2011
I really need help here :(
my forum got hacked 3 times, and i detected the hacker use RFI(Remote
file inclusion) after i found an avatar image contain Phpshell code
inside it. and the weird thing is when i tried to use RFI on Apache it
will not run the phpshell,
You can see here:
http://www.ceriwis.org/rfi.php?hal=ass.jpg <------------ using
NGINX and phpshell executed
and
http://ceri.ws/rfi.php?hal=ass.jpg <---------------- using
Apace and phpshell unable to executed
im using Nginx 0.8.53 and php-fpm
I really need solution to solve my problem guys. i want to stop the
image to get executed like Apache does..
Please give me solution. thanks
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,219523,219523#msg-219523
More information about the nginx
mailing list