PHP official published a security bulletin on its home page, said it had been a successful invasion, but after the investigation has not been implanted backdoor source. As a widely used programming language, PHP source code security is worrying, the recent PHP official in a bulletin that has been successfully penetrated to PHP official server, and successfully penetrated into modify the permissions of the PHP source, although after the investigation showed that an intruder and no backdoor, but has shown that PHP the source of risk may exist.
message is submitted to the wooyun security information reporting platform, which is accompanied by the original screenshot.
images show that wiki.php.net was successfully invaded
attacker test success modified PHP source code, and he is interesting in phpinfo left wolegequ, ungeliveable words, seem to just try to modify the source code of PHP is successful, and these words that should be a country by hackers. The person who submitted the information to the nickname BNE also did not mention how these screenshots were obtained and did not respond to whether the official announcement was correct.
most original announcement in http://s.www.wooyun.org/bugs/wooyun-2010-01635