Support the ongoing development of Laravel.io →
pulsebreaker
posted 9 years ago
Security

site has been running fine lately,

until today, when i tried to login into restricted area of website & got an exception thrown.

User.php > namespace has to be the very first args

downloaded the file locally using filezilla & found this on top of User.php

http://laravel.io/bin/52L8Y

rest all the php files seem to be intact, looks like hacker couldn't inject any further.

restored old User.php form my dev machine & site is back online again.

how could this injection be possible? i am not using ajax for logging in. just plain php.

do i need to worry?

Last updated 2 years ago.
0
lagbox
replied 9 years ago

Could be many different things and more than likely none of them related to laravel.

But yes you should be concerned. It is possible that malicious code on the server did that.

The fact there is an eval in there is very bad news.

Last updated 9 years ago.
0
corbosman
replied 9 years ago

There is no way to tell from what you've said so far how this piece of code got in there. Could be anything. They could have come in through unrelated services and modified that file. Is User.php writable by the webserver user?

0

Sign in to participate in this thread!

Eventy

Your banner here too?

pulsebreaker pulsebreaker Joined 27 Dec 2015

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) Bluesky Bluesky GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2025 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise