target.php:

xas xjahs dajdh ajdhjas da d xxxx na dh ada hd

main.php:

<?php
// removal malicious script by forzadraco

$filename="target.php";

$existfile=@fopen($filename,"w");

if($existfile){
echo "file berhasil dibaca \n\n";
}else{
echo "file gagal dibaca \n\n";
}


if( false == ($str=file_get_contents( $filename )))
echo "Could not read file.";
else
echo "File contents: ".htmlspecialchars($str);

$hsl=preg_replace("/xxxx/i","draco",$str);

echo "<hr />".htmlspecialchars($hsl);

fwrite($existfile,$hsl);
fclose($existfile);

?>

why is not work ? and why target.php become empty file..?

thanks

<?php
// removal malicious script by forzadraco

$filename="target.php";

$existfile=fopen($filename,"a+");

if($existfile){
echo "file berhasil dibaca \n\n";
}else{
echo "file gagal dibaca \n\n";
}


if( false == ($str=file_get_contents( $filename )))
echo "Could not read file.";
else
echo "File contents: ".htmlspecialchars($str);

$hsl=preg_replace("/xxxx/i","draco",$str);

echo "<hr />".htmlspecialchars($hsl);

fwrite($existfile,$hsl);
fclose($existfile);

?>

Check "mode" http://in2.php.net/manual/en/function.fopen.php . Mode "w" : Open for writing only; place the file pointer at the beginning of the file and truncate the file to zero length. If the file does not exist, attempt to create it.

I have read the script and if you are using php5 then the following might be better with the functions file_get_contents and file_put_contents.

<?php
// removal malicious script by forzadraco

$filename="target.php";

$existfile=file_get_contents($filename);

if($existfile){
echo "file berhasil dibaca \n\n";
}else{
echo "file gagal dibaca \n\n";
}


if( false == ($str=file_get_contents( $filename ))) {
echo "Could not read file.";
} else {
echo "File contents: ".htmlspecialchars($str);
}

$hsl=preg_replace("/xxxx/i","draco",$str);

echo "<hr />".htmlspecialchars($hsl);

file_put_contents($hsl,$existfile);

?>

Note: It's good to see you made an attempt at adding the opening code tags but next time try to add the closing code tags too.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.