PHP:如何解码eval()?
I just noticed today that I have got lots of spam links in my wordpress blog. I just found a file which contains
<?php eval (chr(101).chr(114)...
Its very very long string. Can someone tell me how can I decode this to see what it does? So that I can try to remove the spam links? Thanks.
我今天刚刚注意到我的wordpress博客中有很多垃圾链接。 我刚刚找到一个包含 p>
&lt;?php eval(chr(101).chr(114)...
code> pre> \的文件 n
它非常长的字符串。有人可以告诉我如何解码它以查看它的作用?这样我可以尝试删除垃圾链接?
谢谢。 p>
div >
Just replace eval by echo and have a look at the generated output
<?php echo (chr(101).chr(114)...
Simply replace eval with echo:
<?php echo (chr(101).chr(114)...
Besides that, you most likely need to reinstall whatever you have on your webspace as you obviously have been hacked. Ensure that you use the most recent version of Wordpress and all other software you are running to prevent this from happening again.
Instead of executing (eval) you can just echo out what it says, preferrably with htmlspecialchars if you execute it via browser:
<?php echo htmlspecialchars(chr(101)...
odds are though that you won't see anything understandable, since it is probably encoded in more ways than one.