这个PHP代码做了什么？我认为这是崩溃PHP服务器[关闭]

Trying to help a friend with a website and I came across this code in one of his files:

eval(gzinflate(base64_decode(rawurldecode('XVe3zsawEXucJPDg3hBkcO%2B9ewncey%2Bf7afPP0ebIAEHkUceVd3Z%2BM88OyoC%2B29ZFUtZ%2FbP5rrlYpnWvjuP%2Fjv5Rqb9wpBBv%2Bd6vlSi1qYZEnOoH6Zjfebms%2FcYOv3Lg87dPPvPCrM1Oh0MItF2rem30aAheEYLoweyWz9pabTXt4z5eblWb6Vnrf7l50fAA1GBm1JqiGBSSiAfZzBR%2BpjTHp3Q21QgBOusN2sgW1sU46MPDqtOvinm4CEmotPiRRnPYoVUDtpazOjRHg82MXwQTYBzxRXrFAJiY1Sn1uEDuwab0boAzNgizZxb4bIqT2qQoyH4NDzEpFq05E3wRN5oaeF2zFsApoLXXe%2FlMWJRmM2m0%2FA1pLsxo3oq9yx2tA%2FQPg3sAHOsABK44L%2FeAoXHs9gGLDN2J1lziCan7XnoNiCutN8jZIsr2IrD4uzK0eGwG%2FROBx2Clq7zY0Yij0W5aXUqn7keKqWJrJhw9MllLCV1rNJpkEEHt0AT%2B8OEecY%2Fu8Uy%2BBpCbCnERcj7rGCJPoqz%2FudROlXbMqigRnDbBpSYH4FIPMpqGj7PNsOgz2tYutIYxpbUXuYpR3I3FU3BrTWbwRgEq6a3H6%2FMvNTWzetwOwFhJzJoeTj0AcXYulg%2BOI7RmQ%2FKAVSAR%2FrALFMYlS1d32qMyPdILD1QnPIaQiNAnk%2FcpwrwXxQM2aNFJKy%2BTVUv5cYlguhRquu8uySYKDzXDMnUN13oJM0BkYiBCGTHfgwumguK8JAL3KDyWvAcFuaHpqH7mlG31vbCdqSKa6abMzKoDqunaE2Cu0lwXaXI3jELCH8Ezlfd%2B0s6VsdPRD932Kmj1wV9keySOEWLnivHaMNFqzaA7Wvjp2oBfL%2Fxl3zWQ%2FKUQtg8zgVHONMGwP%2BHps3VEQ%2Bwc9l09%2BWsmht8WpJQqX9NY%2BuXrqBXU3Ei1sWi5s%2FK02NaaXASDvwOoGakJwn1ZAeQ0K3DA2IYBJ36Q%2BIUMLT15X7vHPCHvlTB4O5W3R1IwGxuUg%2FWfogyXRVaeJGBGpppIxMWiNQuCKyWruq0eq1fm%2Fc7r4cYhEz1zIp07dxdDuL35jdB11WH62p638Ams5qptkzatBnxlaWl6heraZrv%2B%2BH3pc1XKCHbAbwltndqCnGR8CoQqP26hm0zrFdlwgQ59rSY6J9socVA13verVhzt1OesdmUUYCLF5C2ZEEvByvyhS334WX%2BS0vOHrx8zbqmo9peufjod83Ai%2FvhYcNC9g2h5B2CLdb%2FExYP7RRWpgJ2UuAUEuUBV97bTx9nneVaBK8GsIDI7RbJQqs03fDI%2B3bvuTv6EsFlBXfb6xNDYBQ3GElkZ3x5y9NnM%2FplkH00RtYX31ECg3kkZue%2BfwEd226dsj9wO81oq4rqIPgbx91Aou%2BUeRPXarL1nXzNs4THtxTSXIEye%2FXpqb%2BhnS8viwbGp7OfZ%2B32wUPd8IO1GWia0A116Y%2F2bAfkRAGo93tgaRw7yDdvdsyRJScXi%2BAiHC3gW6WEagRMigR2nbYgeOIaq7x%2FayZfG%2BfuHQluznsWKbsp%2Bbm%2FQ6Ho3YuAVRTpnda2%2FFn8Nv4rV7O4ydDUNQnb3%2BBuP0xHyRnMG8hyVRLKO3zt0l7hiN8g5VxoBfYrSGbst89njYC1OSJRnTczvMEzEWeOtnBNIQOwup7mwfPWJqxR7F3KG%2B5zTse0kOqLDoi9FJEuaiHkBEZvv8w7yF4kBvMD5lDvHBIHowCbCPvTIt7wcVIgMu56Nf88mL7tmbVfkENY0esB8%2F7jpo%2FfDwbO0SvyASoFa9v0pZYnfN2qsaGTwA8S7ich%2B1uXe2hZgtrqdshjC65cJuFqIaIUWQ6qCi8Y7XhRrtudOGn62nWOgD4v2e2sV6tqaIO8I5EQRjfTPWT06QqaLrHPAyOb%2BD8lj79NwqQDbvV6Zn02cdsuSVyWMo%2F8MdVujIefVV7vVewYXT7rnkrAZ8bigDQAesNVTQWYPjqqsx%2Bnf7AbXp9BS1QBorxLNBwAZOH4vgZzgrUI33Ob6B%2FFAFZBZwFMREHG5aZmh3AxWu5CGHHACvgwwi6aaerLIIQBClFq%2FTF43IDLSX5jc2AandiBnqb372LHP3B8ker10BE1eSBpNg%2FngMFvZeEal1pVR1TTLQJQwswil5u%2F%2B8LL9s6QQkasrfWkOxto2GozyiESBfBW%2BmfxEndlNLG41EbudH7R0EUMS3W7pGYCoQE31EqkW721DMDviefRxAI%2FnJubzRD3iDbyi%2BUwS8ltqs5WzlZPwbkPHHSwOdD45GbmzL%2BsFOLkJsNJUf6htkwekq%2BvcTWPMWYN0c3RhibLgBCNZq3Ii9p6BclC%2BhppO8tr5nLVqY8iSt8gjrEhCdVGvtwh0Qf7o57JiiqIsRCIDXkyiQFcwKxeQlMQITfmxqi3Q8ecV7Zldtf48Ix3xuMeJbQmOwgfByl8l4e8eQ9TumgJXMvrleqnHQ7Uz440Sm19zLnwMmY6nJMjIb647aiVR%2F7BMGJBdglYeKt9jBaQaBqc%2F3nulIh68mGK%2BGTYAGEPCtrzhfMzwSwZiGLaXyQ3BcxHpwJESrpxVElOOdtsc20x9fD34h9vYHfIp71JH%2B7EguvbzBUEmY5f8u2qnH3gpf%2FbU3Zg1nZ2LQm3%2Fg6cCaUiI5wZ%2FQkKBsOu%2FSvtcsxFj4lUtRb13ZhMjF4m%2BsW%2F9SAzwo4p6JCl%2Fb9MpS2eEjseflSavU862WpDvJtjoi%2FpkidpoJcavuzJUf%2BTP7LA%2F9DgcYSIXsz2BJ9G2uU5114oe%2FlVlDxgJk6QHF72SZGt9Wnw9rHPzfevD7KGwfgW4lcrLYyDxra1AS13zbe41vUe%2Bgd6GMP4TMejFq9QXh8n8TebWPT0%2FbjabP%2FD97crvES70V4XvWutB%2BNgOxGqXyZ8iqqRJZvef9Rd07wJ6T%2BjYk9f%2BPegy5SvQPQjWn5fzEpgf3%2B5CAxYPWIicrtxrMUWCEyicVeqbh%2FScV2wCEmZZbmMPJgAdQ3CmMBOxCgIAHheuHRjug3F8J35WWQAfWEfIjB%2FwEupWKEeKP7Y83TpAmvUGlNqF055udHp6uNt%2BhpzFRTOkwEbWYQ%2B%2BH8ltndIlLxLx6SI7TKWWVLyy%2F1Ft7EleYXT6CmFsQE5sjM5tbaRF4aUMlX%2BSCewSAr%2Bx6Akeul8c6J1w4Q8Upt0RHsqQmA0Y%2BZuiL34rxFE%2B%2BKQ3lfROlmcAZ1vVyhZHbiVeId68UaVB9PFX%2BjN%2Bul5LR4Nixb7Z95dciSonZJf%2BNUNhaNIHdjacWABo5cvYr2SN2HKWoXgq9MDTgjz7MDBiWvZxHYi2XftjOn70l84u9e8jwZKOnxykIGZd0SMd%2F%2BS7nliMWms6vBOWSrSU8OxdW7BdxohgZSNZi76SrmlPVK2qt3uH5l71ZVMGrKl9RqKWvuoWBW8NRjSYQTqQ6sWyhNvqY%2FcLrMPt7k4Ppsvfd8CwJZIXWYQhVWYtHX%2FqueunvE2yiSDe86QoAavxXRnXgB1wl8rtB35qaEe2DGgcoeS%2BYpqZ%2F9NhQf58rHEk2OkLrIfWCatjXSByXSIWI5vyd043kl1XftKXs1d6wYqzJENtWsBCa3y2v5TYnMaMAvhtI7m9JrpW0O2dAvQFOk5fjjeR9qNlu2FnuP283%2FHlPDji2oNtGyOcUXENeTfQ%2BuItu2mtc%2Fj7o8FQ0%2Bd1%2FeQNB0ACeqUzUON6WRGtQkf2tlYgrmviQWt5p5CBI8FXiiTbp4N3CtDcoKGpDY8bzLUT8%2FtbzlHZqmkhjajZo6mJAzswBkGeBgSw%2B%2F3nH%2F%2F6W%2F%2F%2BHw%3D%3D'))));

Can anyone tell me what it's supposed to do?? My instincts say it's just to crash / slow a server.. am I right?

Thanks!

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

doushishi2415 2015-11-16 13:20

关注

It's obfuscated the following code :

$settings = mysql_query ('select * from settings');
$settingrecord = mysql_fetch_array($settings);
while ($settingrecord = mysql_fetch_array($settings)) {
    $setting[$settingrecord["name"]] = $settingrecord["setting"];
}
$setting['pay_with'] = unserialize($setting['pay_with']);
extract($setting);

function valid_license($license) {
    $domain = str_replace("www.", "", $_SERVER['SERVER_NAME']);
    $salt = "u3yQjZ14bDKy";
    $hash = substr(base64_encode(sha1($domain.$salt)),0,20);
    return $license == $hash;
}


if(strpos($_SERVER['SCRIPT_NAME'], "admin/") AND session_is_registered("alogin")) {
    if(!valid_license($license_key)) {

        $_POST['license'] = trim($_POST['license']);

        if($_POST['license'] AND valid_license($_POST['license'])) {
            mysql_query("UPDATE settings SET setting='".$_POST['license']."' WHERE name='license_key'");
        } else {
            include "../header.php";
            include "../style.php";

            echo "<br /><br />";
            if($_POST['license']!="") echo "<font color=red><b>Please enter a valid license to access the admin area</b></font><br />";
            else echo "Please enter a valid license to access the admin area<br />";

            echo "<form method=post><input type=text name=license size=30 /><br /><input type=submit value=Submit /></form><br />";
            include "../footer.php";
            exit;
        }
    }
}

Doesn't look malicious at first glance. Looks like it's trying to enforce some kind of licensing or something.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

报告相同问题？

关注问题

这个PHP代码做了什么？我认为这是崩溃PHP服务器[关闭] php
2015-11-16 13:08

回答 1 已采纳 It's obfuscated the following code : $settings = mysql_query ('select * from settings'); $setting
当PHP内置服务器崩溃时，该端口仍在使用中 php
2016-05-26 12:37

回答 2 已采纳 The problem is that composer has a default timeout after 300 seconds. When executing the command
在PHP while循环期间页面不会加载和服务器崩溃 mysql php
2013-09-09 15:49

回答 2 已采纳 You are not actually doing anything in your while statement except echoing a line. Therefore $q
php对外发包引发服务器崩溃的终极解决方法分享[推荐]
2021-01-10 11:11

一、php对外发包分析用php代码调用sockets,直接用服务器的网络攻击别的IP,常见代码如下: 代码如下: $packets = 0; $ip = $_GET[\’ip\’]; $rand = $_GET[\’port\’]; set_time_limit(0); ignore_user_abort(FALSE...
Windows IIS（8.5.96）服务器崩溃的WordPress多站点 - PHP 5.6 wincache.dll 1.3.7.0 php
2016-08-17 10:00

回答 1 已采纳 Not sure whether this should be an answer or an comment, but here goes. The exception code 0xc000
尝试将数据发送到网络服务器时我的Android应用程序崩溃[重复] android android-studio java php
2018-08-02 06:40

回答 1 已采纳 Change your ProgressDialog initialization code from: public AsyncSendTestData(Context context) {
PHP：$ i = $ i ++崩溃了服务器 php
2010-01-04 11:11

回答 3 已采纳 $i = $i++; is the same as $i = $i; essentially. Unfortunately $i = $i++; is known as "undefined b
不要让您的服务器崩溃-PHP开发
2021-05-27 07:59

一个易于使用的功能强大的服务器监视器我们都梦想着完全不需要维护的服务器。但不幸的是，事实并非如此。磁盘可能已满，进程可能崩溃，服务器可能会用完内存...该软件包可确保所有服务器的运行状况。开箱即用有几...
1330316 AJAX请求可以崩溃我的服务器吗？ ajax javascript jquery php
2010-02-14 22:36

回答 2 已采纳 If you can place a cronjob in the server, I believe it'd work much better. What about using a cron
base_convert崩溃服务器？ php
2011-06-24 17:04

回答 1 已采纳 As pointed out in the comments - this indeed was NOT my problem. I had inadvertently left the data
Android向PHP服务端上传文件报FileNotFoundException错误 android php 服务器
2016-02-05 08:35

回答 4 已采纳安卓端的代码应该没问题，建议查一下服务器端的接收。
php防止CC攻击代码 php防止网页频繁刷新
2021-01-20 01:14

cc攻击就是攻击者利用代理服务器生成指向目标站点的合法请求，模拟多用户不停的对受害网站进行访问，特别是访问那些需要大量数据操作需要大量CUP时间的页面，最终导致目标网站服务器资源耗尽，一直到宕机崩溃，...
WordPress插件使用500内部服务器错误导致整个站点崩溃 php
2016-07-27 06:08

回答 1 已采纳 Your code throws 502 error because you are using 'bp_is_active' function before it was defined. Y
php+redis实现多台服务器内网存储session并读取示例
2020-12-18 09:40

说实话不处理session其实也是可以的，但是在实际的情况中会出现一些让用户体验非常蛋疼的问题，比如购物下单的时候负载均衡调配服务器来回切换的过程中session丢失了，这个时候就尴尬了，用户就会郁闷我擦这什么鬼，...
windows服务器下解决PHP-CGI 进程崩溃
2021-10-26 15:12

泡椒的小酒馆的博客 web网页运行时，经常出现502错误，检查就是php-cgi又崩溃了，基本上2天崩一次很烦阿里服务器：windows server 2019 64位系统操作方式查看如下：原文连接：...
没有解决我的问题, 去提问

悬赏问题

¥15 素材场景中光线烘焙后灯光失效
¥15 请教一下各位，为什么我这个没有实现模拟点击
¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来
¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
¥20 有关区间dp的问题求解
¥15 多电路系统共用电源的串扰问题
¥15 slam rangenet++配置
¥15 有没有研究水声通信方面的帮我改俩matlab代码
¥15 ubuntu子系统密码忘记
¥15 保护模式-系统加载-段寄存器

码龄粉丝数原力等级 --

这个PHP代码做了什么？我认为这是崩溃PHP服务器[关闭]

1条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

这个PHP代码做了什么？ 我认为这是崩溃PHP服务器[关闭]

1条回答 默认 最新

悬赏问题

这个PHP代码做了什么？我认为这是崩溃PHP服务器[关闭]

1条回答默认最新