Published on 18th December 2011 – 22 Kislev 5772. Last updated on December 18, 2011.
This article is not really a rant but rather an alert for any that is currently Googling this. I have found on a few websites that I hosted on an older system had random PHP script inserted into the start of the index.php file.
The code below is what is being inserted into index.php files. So far I have not seen it attack any other pages.
However with that said, lets see what this PHP code is doing and hopefully what you can do about it.
As you can see this is clearly just a encoded PHP script – much like the same I do on Can you work it out. So if we just decode it, we now get what the server is actually executing.