Archived

This topic is now archived and is closed to further replies.

brochure

Executing multi-extension files vulnerability with GoDaddy hosted sites.

I tested the following and on one of my GoDaddy sites it is indicative of a known security problem.

http://core.trac.wordpress.org/ticket/11122

 

To see if you have an issue with executing multi-extension files do this.

Create a file with the name "info.php.jpg" and add in it the following code:

<?php
phpinfo();
?>

Then upload this file to your site and try to load it.

(www.yourdomain.com/info.php.jpg)

 

If your file is parsed (you will see a few pages of info) instead of getting a non-existent image, then you have this security issue.

This means that if you have upload file functionality on your site, then a hacker can upload a script on your site and run it.

It's not based on a single CMS (e.g. WordPress, Joomla, etc.) but is a general issue.

 

You can check this yourself and prevent file injection.
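
An added example, not part of the original post: a Python audit script that walks a web root and lists files named like info.php.jpg, where a PHP extension sits before the final one. It assumes the server assigns the PHP handler by file extension; the extension list is taken from the FilesMatch pattern quoted in this thread, and the function names and sample tree are constructed for illustration.

```python
import os
import tempfile

# Extensions taken from the FilesMatch pattern quoted in this thread.
PHP_EXTS = {"php", "php3", "php4", "php5", "phtml", "phpt"}


def risky_extension(filename):
    """Return the PHP extension found in a non-final position, else None.

    Assumption: the server maps PHP by extension (AddHandler/AddType), so
    every dot-separated extension in the name counts, not only the last.
    """
    parts = filename.lower().split(".")
    # parts[0] is the base name and parts[-1] is the final extension.
    for ext in parts[1:-1]:
        if ext in PHP_EXTS:
            return ext
    return None


def scan(root):
    """Walk root and return sorted relative paths of multi-extension files."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if risky_extension(name):
                hits.append(os.path.relpath(os.path.join(dirpath, name), root))
    return sorted(hits)


def demo():
    """Build a constructed sample tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "uploads"))
        for name in ("index.php", "uploads/photo.jpg", "uploads/info.php.jpg",
                     "uploads/Banner.PHTML.gif", "uploads/my.photo.jpg"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed sample\n")
        return scan(root)


if __name__ == "__main__":
    for path in demo():
        print("multi-extension PHP name:", path)
```

Ordinary .php files and names such as my.photo.jpg are not reported; only names that carry a PHP extension ahead of another extension are.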


I pasted this code that was recommended at the top of the .htaccess file and although it fixed the error, it won't load php files properly (it just shows the source code).

What is the solution?

 

RemoveHandler application/x-httpd-php .php
<FilesMatch "\.php$|\.php5$|\.php4$|\.php3$|\.phtml$|\.phpt$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>


If anybody knows the answer to my previous post (the one about adding the code to fix the multi-extension file exploit), please answer, because the site was hacked again.

 

And I don't have an ability for users to upload anything, so how could they get the file on my site in the first place?
