0

My php hosting injected by unknown code. I don't post the whole file,

$x0d = "b\x61se\x364\137dec\x6f\144\145";

How can the PHP process this line of code without any function to decode.

\x61 = a , what is \x61? how can web server understand this character? I try with HEX / OCT encoding also can't provide me \x61

I give an example inside the code, the below code will execute sha1

$a = "s\x68\x61\061"; 
echo $a("hello");

*The whole file does not have any eval() function inside there.

Improve this question
0

1 Answer 1

Reset to default
1

OK. After I referring to this post, I understand it is PHP string type.

http://www.php.net/language.types.string

Escaped characters in double quote

[0-7]{1,3} : the sequence of characters matching the regular expression is a character in octal notation

\x[0-9A-Fa-f]{1,2} : the sequence of characters matching the regular expression is a character in hexadecimal notation

hexadecimal can refer from here: http://www.ascii.cl/

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.