Heartbleed Checker

Heartbleed (CVE-2014-0160) is a vulnerability on OpenSSL library which is affected on million of website. This will cause any user on the internet to read system memory. Our team have working to provide an alternative URL for user to verify their web server for vulnerable OpenSSL. User can visit to the following URL: http://heartbleed.honeynet.org.my/ If […]

pKaji: The PHP Analyzer

pKaji is a free service provided by MyCERT that allows one to analyze¬† PHP codes.¬† It facilitates detection of network activities and other potentially malicious activities within the code by using the ‘hooking’ technique. Basically, it uses the APD (Advance PHP Debugger) extension to hook the original PHP built-in function. Using pKaji To use pKaji, […]

Hooking pBot

I’m working on analyzing remote file inclusion (RFI) code. For pBot class which uses¬† an IRF server as their command and control (C&C) ,¬† we are interested to get the IP addresses of the C&C,¬† the channel name and¬† the nickname used to connect to irc server. Below are sample of output: ok! (host=irc.server_name.net, port=6667, […]

Securing PHP : Disabling Dangerous PHP Functions

PHP is a very popular language nowadays. But at the same time, it’s also one of the main sources for user accounts and servers getting compromised. Every PHP developer and hoster should understand the primary attack vectors being used by attackers against PHP applications. They also should be able to classify PHP functions that allowed […]