Miro J.
Reputation: 4984
How to decode eval( gzinflate( base64_decode(
I have this code injected in my site. How can I decode the trailing string? I need to know what happened and what is the code behind it.
Upvotes: 5
Views: 40000
Answers (3)
Andrei
Reputation: 91
I use this to remove the nasty code injected in all my PHP files from public_html folder:
find -name "*.php" -exec sed -i '/<?.*eval(gzinflate(base64.*?>/ d' '{}' \; -print
Cheers!
Upvotes: 9
Ishtar
Reputation: 11662
This should output the code that would be executed by eval():
<?php
echo gzinflate( base64_decode( /* insert code */ ));
?>
I hope that's what you were looking for.
Upvotes: 10
Related Questions
- How to fully decode a base64 string in PHP?
- Can anyone decode this? (eval(hex2bin(str_rot13(gzinflate(str_rot13(base64_decode
- Decode base64 string - php
- how encode a php code in three ways Like -> base64 & str_rot13 & gzinflate
- Eval PHP Hack Cannot decode code
- PHP Base64_decode
- how use eval() functinon to workable a base64 encoded script?
- Decoding base64 php file
- base64_encode an eval();
- Need to Base64 Decode This String