Originally Posted by BestXXXPorn

Usually they are done through known exploits of a php system... There are a variety of methods though...

If you allow any sort of user file uploads they can upload a spoof image which contains an image header but also includes a <?=eval($_REQUEST['var'])?> ... If you serve images dynamically, like some people do, then this image would basically allow them to run anything on your system that they want... read files (including conf files) etc... then upload their own script to wreak additional havoc...

They can also use SQL injection methods... Many people don't use the mysql real escape string method and so they can be prone to injection methods... This is done by setting a variable name to something that will terminate the MySQL query that is supposed to run and run an additional query... or just cause the query to do something completely different by extending it...

I don't use prebuilt scripts for that exact reason... there's just too many vulnerabilities and once one has been found... it's open season on that script until there's a patch.

Those cover two of the main "web hacking" methods but there's also a myriad of different ways to hack a box over other ports. Virtually every single port you leave open on a box is vulnerable to attack. From buffer overruns (although those are few and far between now-a-days) to bad character sequences to... there's really a ton of methods. The most important thing to do is make sure you close all the ports you don't want people accessing... get rid of ftp ffs... make sure you have some BFD (Brute Force Detection) on any and every single auth point... and update every library and every service as soon as a new stable version comes out...