PHP code DE-Obfuscation
10 December, 2010 - 10:19
So one of my clients that I don't personally host were subject to a wordpress vulnerability a couple of weeks ago.
I was able to subvert the attack which cleverly changed the behavior of WordPress only if a search engine robot accessed the domain. Robots would be redirected to a page trying to sell Cialis. Anyways I have been curious as to the nature of the code so I have started to de-obfuscate the data portion of the injected code.
Of course so everyone can have some fun I figured I would share it with you guys in case anyone wanted to play around with it.
pastie:
http://www.pastie.org/private/cpuznmjnf72wyzc6z4r0va
Have Fun