已关闭

Detect and fix what is this weird PHP process: /usr/local/bin/php -d safe_mode=off -r eval(base54_decode

Im checking my processes via htop and I noticed a weird process which consumes quite good % of the cpu:

Seems to be /usr/local/bin/php -d safe_mode=off -r eval(base64_decode and a huge base64 code string

I want to know:

1) What is it? If its a hack or what?

2) How to fix this?

3) How it got there

技能: Linux, MySQL, PHP, 软件测试, Ubuntu

查看更多: what is the fix, php hack code, fix hack, php hack eval base, php eval base, decode mime attachment php, md5 base decode, base decode, decode email attachment php, decode php php, decode ioncube encrypted php files, decode captcha using php, decode attachment mail php

About the Employer:
( 113 reviews ) DURANGO, Mexico

项目ID: #8459440

19名威客为此工作的平均竞标价是$43

Sotirov

It's most likely virus/spamming code, where do you see this process running and can't you stop it? If you give me access to the server I'll try to find from where it gets started

$30USD 在1天里
(81条评论)
7.0
odessky

1) What is it? If its a hack or what? Yes 2) How to fix this? Order me 3) How it got there Your server is unsecured ***************************************************************************

$150 USD 在5天内
(244条评论)
6.9
codetrance

I can help you. Do you have root access to your server?. I'm looking forwards to your response. Thank you.

$30USD 在1天里
(173条评论)
6.5
vili1977

Hello. I would like to help you with php proc identified. I have a lot of experience with linux many years. Thank you.

$30USD 在1天里
(434条评论)
6.7
nikosku

Hello, my name is Nikos and I'm working on the Linux server administration field for the past 5 years. Over these years I was responsible for two web hosting companies, managing at full their servers and providing cust 更多

$100USD 在1天里
(93条评论)
6.1
bms8197

Hello there, I am currently working as a Senior System Administrator at one of the biggest web hosting companies from Romania ([url removed, login to view]). I take care of over 200 servers (both physical server and virtual serv 更多

$40USD 在1天里
(52条评论)
5.4
tcjn

Nie złożono jeszcze oferty.

$55 USD 在3天内
(70条评论)
5.2
vantuanvn

send me detail your servers, it will fix it and only receive paypal after it is finished . I setup and maintain many runing site : [url removed, login to view], [url removed, login to view], [url removed, login to view], [url removed, login to view],, [url removed, login to view], 更多

$25USD 在1天里
(29条评论)
5.2
JelTechnology

I will have to look into the server. Can fix in few hours time. Again you will have to provide ssh access to your server for me to be able to finish this job

$55USD 在1天里
(6条评论)
4.8
andrew8k

Hi, I am expert in PHP. Seems you have been hacked. Can you give me base64 code string? Regards, Andrew .

$25 USD 在0天内
(29条评论)
4.9
thms00

Dear sir, As a pentester and security researcher, I think this is a hack. We can cleary see PHP is started without safe_mode with enables dangerous functions such as shell_exec. The only reason behind encoding wi 更多

$30 USD 在3天内
(36条评论)
4.5
mikeorozco94

From how you've described it, this is potentially malicious code that has made its way onto your server via yourself or some outside party. I can figure out exactly what this code is doing and take the proper direct 更多

$25USD 在1天里
(23条评论)
4.1
snaiperskaya

A proposal has not yet been provided

$35USD 在1天里
(9条评论)
3.7
toufiqueimam

It's certainly a hacked process. It is running some php commands which is encoded in base64 so that you don't know what task is done by it. But i think you understand what it means? (illegal)

$55USD 在1天里
(14条评论)
3.3
jamesdawson95

I can find the base64 that is being executed in PHP and decode it to find exactly what is happening. I am free to start immediately.

$25 USD 在0天内
(6条评论)
1.9
robertlanyi

Dear Sir/Madam, please let me introduce myself briefly. Fifteen years dealing with information technology, I am mostly familiar with fields of web development and system and network operations. Based on your de 更多

$10USD 在1天里
(1条评论)
1.6
thamemostore

Hello i can do this job for you and i am ready to start working now, so just contact me so i can start working on it ... feedback from UPwork company [url removed, login to view]~01f607c0270a3c7419/ 更多

$45 USD 在0天内
(0条评论)
0.0
tskshad

It's looks like your site/server is infected by malware. Does your site based on Wordpress?

$30 USD 在3天内
(0条评论)
0.0
uniquecode4

Greeting! I will do it. I am 7+ years experienced in Core PHP with OOP/Procedures, CakePHP, CodeIgniter, MySql, MSSQL, MSAccess, CSV, Excel, XML, JS, AJAX, jQuery, JSON, XSLT, HTML, HTML5, Websites speedup task, Pa 更多

$25 USD 在3天内
(0条评论)
0.0