Webmaster Forum - View Single Post - Backdoor in 'Free PHP Directory Script' ?

ssgupta · 09-06-2004, 09:18 AM

He has sent a reply to me - reproduced below:

"The invisible image is just that, an image, unable to hurt in any way. It allows us to keep the records of installed scripts. It's more convenient than requesting the installation url every time the script is downloaded/installed.

The backdoor is password-protected, so it is impossible nobody but us can access the script, not even people with access to the script code. We added this feature several months after the first distribution of the script. We had several problems with abusive users, not only removing copyright links but also reselling the script, besides other aggressive actions. So we decided to include this tool. We have only used it once, and its use was more than justified. As the full script is distributed after the purchase, and there is no risk, it does not include this feature.

I can assure you no legal user of the script has anything to be afraid. In fact, if you or any other purchaser want a script copy without these things, I will have no problem sending it.

Regards

Javier GarcÃ*a
Biz Directory"

So it turns out they have been stealing our passwords?

09-06-2004, 09:18 AM	#13 (permalink)
ssgupta Contributing Member Join Date: 01-19-04 Posts: 67 iTrader: 0 / 0% Latest Blog: None	He has sent a reply to me - reproduced below: "The invisible image is just that, an image, unable to hurt in any way. It allows us to keep the records of installed scripts. It's more convenient than requesting the installation url every time the script is downloaded/installed. The backdoor is password-protected, so it is impossible nobody but us can access the script, not even people with access to the script code. We added this feature several months after the first distribution of the script. We had several problems with abusive users, not only removing copyright links but also reselling the script, besides other aggressive actions. So we decided to include this tool. We have only used it once, and its use was more than justified. As the full script is distributed after the purchase, and there is no risk, it does not include this feature. I can assure you no legal user of the script has anything to be afraid. In fact, if you or any other purchaser want a script copy without these things, I will have no problem sending it. Regards Javier GarcÃ*a Biz Directory" So it turns out they have been stealing our passwords? __________________ NewOpps.com - New Business Opportunities