Is this malicious code?
-
Hi!
I downloaded a great theme, but footer.php looks suspicious. Can anyone figure out what this code does? Entire footer.php file:
<?php $_F=__FILE__;$_X=’Pz48aHIgLz4NCjxkNHYgNGQ9ImYyMnQ1ciI+DQoJPHA+DQoJCUMycHlyNGdodCAmIzZlOTsgYTAwNyA8MSBocjVmPSI8P3BocCBibDJnNG5mMignM3JsJyk7ID8+Ij48P3BocCBibDJnNG5mMignbjFtNScpOyA/PjwvMT4uIEQ1czRnbjVkIGJ5IDogDQoJCTwxIGhyNWY9Imh0dHA6Ly93d3cuYnIxbjRjMS5jMm0vaDJzdDRuZy5odG1sIj5CcjFuNGMxIFc1YiBIMnN0NG5nPC8xPiAuTTFkNSBGcjU1IEJ5IA0KCQk8MSBocjVmPSJodHRwOi8vd3d3Lncydy1nMmxkLXByNGM1LWw0c3QuYzJtIj5XT1cgRzJsZDwvMT4gfCANCgkJPDEgaHI1Zj0iaHR0cDovL3d3dy5oMm01aDJzdC5jMm0uYnIiPlI1ZzRzdHIyIGQ1IGQybTRuNDI8LzE+IHwgDQoJCTwxIGhyNWY9Imh0dHA6Ly93d3cuZjFyMXcxeWYzcm40dDNyNS5jMi4zay9zaDJwL3NoMnAucGhwP2M2PUluZDIyciYxbXA7Y2E9RDRuNG5nJWEwUzV0cyI+DQoJCUQ0bjRuZyBSMjJtIEYzcm40dDNyNTwvMT4gLg0KCTwvcD4NCjwvZDR2Pg0KPC9kNHY+DQoNCgkJPD9waHAgd3BfZjIydDVyKCk7ID8+DQoNCjwvYjJkeT4NCjwvaHRtbD4=’;eval(base64_decode(‘JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==’));?>
- The topic ‘Is this malicious code?’ is closed to new replies.