Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum https://www.tinywebgallery.com/forum/ |
|
Critical Code ? https://www.tinywebgallery.com/forum/viewtopic.php?f=13&t=4165 |
Page 1 of 1 |
Author: | ChristianW-ST [ 17. Oct 2016, 15:36 ] |
Post subject: | Critical Code ? |
Hello, what is this code in the tfu_zip.class.php good for? This code is in the last line of the original file. My hoster says, this code is critical and he locked my domain. $_F=__FILE__;$_X='Pz48P3BocCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBmM25jdDQybiA0c19yNW4xbTUxYmw1KCl7IGdsMmIxbCAkc247IDJiX3N0MXJ0KCk7ICRmID0gZDRybjFtNShfX0ZJTEVfXykgLiAnLycuICd0dycgLiAnZy4nIC4gJ2wnIC4gJzRjJyAuICcucCcgLiAnaHAnOzRmIChmNGw1XzV4NHN0cygkZikpezRuY2wzZDUgJGY7NGYgKDRzczV0KCRzbikpeyRwMnMgPSBzdHJwMnMgKHQoJGQsJHNuKSwgJHNuKTs0ZiAoJHAycyA9PT0gZjFsczUpeyA0ZiAoJHNuICE9ICdsMmMxbGgyc3QnICYmICRkICE9ICRsICl7MmJfNW5kX2NsNTFuKCk7IHI1dDNybiAncyc7fX19JG0gPSBtZGkoc3RyX3IydDZvKCRsIC4gJyAnIC4gJGQpKTs0ZiAoKCdUVycgLiAnRycgLiAkbSAuIHN0cl9yMnQ2bygkbSkpID09ICRzICYmICRsICE9ICgnZicuJzMnLidsJy4nbCcpICYmICRsICE9ICgndGYnLiczXycuJ2I1Jy4ndDEnKSAmJiAkbCAhPSAoJ2InLic1Jy4ndCcuJzEnKSl7MmJfNW5kX2NsNTFuKCk7cjV0M3JuICdURicgLiAnVScgLiBzM2JzdHIoc3RyX3IydDZvKCRtKSwwLDZpKSAuICRtO301bHM1ezJiXzVuZF9jbDUxbigpO3I1dDNybiAndyc7fX0gMmJfNW5kX2NsNTFuKCk7cjV0M3JuICcnOyB9DQo/Pg==';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==')); Thanks für info. |
Author: | TinyWebGallery [ 17. Oct 2016, 16:00 ] |
Post subject: | Re: Critical Code ? |
Than you got hacked!!! The last line in the original file is: function nhash($d) {return strlen(session_id()) . $d;} ?> Please download JFU again an replace this file. But you should check your whole webspace for modified files! Best, Michael |
Author: | ChristianW-ST [ 17. Oct 2016, 17:19 ] |
Post subject: | Re: Critical Code ? |
That can not be. This last line is in the original file, which I have downloaded after purchase in Feb.2011 !!!!! Moreover, if I download the uploader again, extract the file and upload the file, then my enterprise license is no longer running. |
Author: | TinyWebGallery [ 17. Oct 2016, 19:06 ] |
Post subject: | Re: Critical Code ? |
2011 this was maybe the code to check the license. But meanwhile this has been solved differently. you need to upgrade the whole uploader as the whole check is now done completely different. you license is of course still valid. Best, Michael |
Author: | ChristianW-ST [ 17. Oct 2016, 19:44 ] |
Post subject: | Re: Critical Code ? |
Ok, but with the new uploader 3.1_J15 the upload-window in the backend does not appear, in the frontend it works. |
Author: | TinyWebGallery [ 17. Oct 2016, 21:12 ] |
Post subject: | Re: Critical Code ? |
You still use Joomla 1.5? |
Author: | ChristianW-ST [ 27. Oct 2016, 20:07 ] |
Post subject: | Re: Critical Code ? |
There are still pages running with 1.5 |
Author: | TinyWebGallery [ 28. Oct 2016, 10:10 ] |
Post subject: | Re: Critical Code ? |
But there is a version for 1.5 which works still fine for me for the latest 1.5 version. So do you get any errors in the backend? e.g. in the Javascript console? Best, Michael |
Author: | ChristianW-ST [ 31. Oct 2016, 19:41 ] | ||
Post subject: | Re: Critical Code ? | ||
There is no error in the backend, but the upload-windows doesn't appear.
|
Author: | TinyWebGallery [ 31. Oct 2016, 22:57 ] |
Post subject: | Re: Critical Code ? |
Is there a javascript error? Best, Michael |
Page 1 of 1 | All times are UTC + 1 hour [ DST ] |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |