What is remv.php
The file remv.php is a script that MAY be found inside your website regardless if you have a CMS or not and is a popular script used to inject code into your site. This is definately not a core file and is not the original file name of the script if found in your site.
More information on this script can be found from the developers link: Php Remote View If you need help translating this link, you may try this link: Translate or if preferrable go to babblefish.yahoo.com and enter the url yourself. As you might be able to tell from this page which is written in Russian as far as I can tell, this script has been out since before 2003 and doesn&squo;t appear to have any later releases after this according to the page. This script is most often presented with a little helper script at the top to prevent unauthorized users from accessing it ( This would include any of the real site owners ) by using an md5 cookie check at the top of the script and outputs a security permissions warning otherwise.
The code in the downloadable script contains the following head section:
if (!preg_match($s,getenv("REMOTE_ADDR")) &&
!preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR"))))
exit("<h1>phpRemoteView: Access Denied - your host not allown</h1>");
if ($login!==false &amp;&amp;(!isset($HTTP_SERVER_VARS[&squo;PHP_AUTH_USER&squo;]) ||
$HTTP_SERVER_VARS[&squo;PHP_AUTH_USER&squo;]!=$login||
$HTTP_SERVER_VARS[&squo;PHP_AUTH_PW&squo;]!=$pass)) {
header("WWW-Authenticate: Basic realm="phpRemoteView"""");
header(""HTTP/1.0 401 Unauthorized"");
exit(""<h1>phpRemoteView: Access Denied - password erroneous</h1>n"");
}
This is the scripts configurable protection against site owners who would try to browse to the file.
