Results 1 to 3 of 3
I have a very unique problem with a fork bomb...
I'm a game admin for a browser based real time strategy game written in PHP. A user managed to connect ...
- 07-08-2008 #1Just Joined!
- Join Date
- Jul 2008
- Posts
- 2
Stopping a fork bomb
I have a very unique problem with a fork bomb...
I'm a game admin for a browser based real time strategy game written in PHP. A user managed to connect to our server and run a fork bomb. We've determined how he got in and his exact actions and have blocked such attacks in the future, but the fork bomb is still running on the server and we havent been able to contact anyone with physical access to the server in 2 years.
The command that was executed was done so using the exec command in PHP like so:forkbomb.php reads:PHP Code:exec("php -q forkbomb.php")
According to a script contained in a forum on the server the CPU usage is over 8500%, it usually read 150% or less. The game seems to be running only slightly slower, but I am worried about long term damage to the machine.PHP Code:<?php
print "attempting to run";
for($runs=0;$runs<500;$runs++)
{
echo $runs;
if ($handle = opendir('/var/www/-------/public/'))
{
while (false !== ($file = readdir($handle))) {
$filearray[$t] = $file;
$t++;
}
closedir($handle);
}
sort($filearray);
for($x=0;$x<count($filearray);$x++)
{
$extensionarray = explode('.',$filearray[$x]);
$ext = $extensionarray[count($extensionarray)-1];
if ($ext == "php")
include $filearray[$x];
}
}
?>
I do not have the root account on the server, the best I can do is use PHP to run exec() in an attempt to stop the fork bomb. On a side note, Linux is very foreign to me, it would be nice to make the answers as simple as possible. As for the version of linux I have no idea beyond the fact that it has folders in it's root called "vmlinuz", "vmlinuz-2.6.15-1-amd64-generic" and "selinux".
- 07-08-2008 #2Linux Guru
- Join Date
- Nov 2004
- Posts
- 6,110
Is it being run as your user? As in a user you have access to? In that case you can simply run
That will only kill php processes that you have permission to kill but if your webserver is running as your user you may need to restart it afterwards.Code:killall -9 php
- 07-08-2008 #3Just Joined!
- Join Date
- Jul 2008
- Posts
- 2
Thank you very much. Not only did the CPU usage drop from 8500% it's now averaging about 50-60% instead of the usual 180% the server is usually clocked at and game performance has improved.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
