Fermé

Detect and fix what is this weird PHP process: /usr/local/bin/php -d safe_mode=off -r eval(base54_decode

Im checking my processes via htop and I noticed a weird process which consumes quite good % of the cpu:

Seems to be /usr/local/bin/php -d safe_mode=off -r eval(base64_decode and a huge base64 code string

I want to know:

1) What is it? If its a hack or what?

2) How to fix this?

3) How it got there

Compétences : Linux, MySQL, PHP, Tests de Logiciels, Ubuntu

Voir plus : what is the fix, php hack code, fix hack, php hack eval base, php eval base, decode mime attachment php, md5 base decode, base decode, decode email attachment php, decode php php, decode ioncube encrypted php files, decode captcha using php, decode attachment mail php

Concernant l'employeur :
( 113 commentaires ) DURANGO, Mexico

N° du projet : #8459440

19 freelance ont fait une offre moyenne de 43 $ pour ce travail

Sotirov

It's most likely virus/spamming code, where do you see this process running and can't you stop it? If you give me access to the server I'll try to find from where it gets started

30 $ USD en 1 jour
(81 Commentaires)
7.0
odessky

1) What is it? If its a hack or what? Yes 2) How to fix this? Order me 3) How it got there Your server is unsecured ***************************************************************************

150 $ USD en 5 jours
(244 Commentaires)
6.9
codetrance

I can help you. Do you have root access to your server?. I'm looking forwards to your response. Thank you.

30 $ USD en 1 jour
(173 Commentaires)
6.5
vili1977

Hello. I would like to help you with php proc identified. I have a lot of experience with linux many years. Thank you.

30 $ USD en 1 jour
(434 Commentaires)
6.7
nikosku

Hello, my name is Nikos and I'm working on the Linux server administration field for the past 5 years. Over these years I was responsible for two web hosting companies, managing at full their servers and providing cust Plus

100 $ USD en 1 jour
(93 Commentaires)
6.1
bms8197

Hello there, I am currently working as a Senior System Administrator at one of the biggest web hosting companies from Romania ([url removed, login to view]). I take care of over 200 servers (both physical server and virtual serv Plus

40 $ USD en 1 jour
(52 Commentaires)
5.4
tcjn

Nie złożono jeszcze oferty.

55 $ USD en 3 jours
(70 Commentaires)
5.2
vantuanvn

send me detail your servers, it will fix it and only receive paypal after it is finished . I setup and maintain many runing site : [url removed, login to view], [url removed, login to view], [url removed, login to view], [url removed, login to view],, [url removed, login to view], Plus

25 $ USD en 1 jour
(29 Commentaires)
5.2
JelTechnology

I will have to look into the server. Can fix in few hours time. Again you will have to provide ssh access to your server for me to be able to finish this job

55 $ USD en 1 jour
(6 Commentaires)
4.8
andrew8k

Hi, I am expert in PHP. Seems you have been hacked. Can you give me base64 code string? Regards, Andrew .

25 $ USD en 0 jours
(29 Commentaires)
4.9
thms00

Dear sir, As a pentester and security researcher, I think this is a hack. We can cleary see PHP is started without safe_mode with enables dangerous functions such as shell_exec. The only reason behind encoding wi Plus

30 $ USD en 3 jours
(36 Commentaires)
4.5
mikeorozco94

From how you've described it, this is potentially malicious code that has made its way onto your server via yourself or some outside party. I can figure out exactly what this code is doing and take the proper direct Plus

25 $ USD en 1 jour
(23 Commentaires)
4.1
snaiperskaya

A proposal has not yet been provided

35 $ USD en 1 jour
(9 Commentaires)
3.7
toufiqueimam

It's certainly a hacked process. It is running some php commands which is encoded in base64 so that you don't know what task is done by it. But i think you understand what it means? (illegal)

55 $ USD en 1 jour
(14 Commentaires)
3.3
jamesdawson95

I can find the base64 that is being executed in PHP and decode it to find exactly what is happening. I am free to start immediately.

25 $ USD en 0 jours
(6 Commentaires)
1.9
robertlanyi

Dear Sir/Madam, please let me introduce myself briefly. Fifteen years dealing with information technology, I am mostly familiar with fields of web development and system and network operations. Based on your de Plus

10 $ USD en 1 jour
(1 Commentaire)
1.6
thamemostore

Hello i can do this job for you and i am ready to start working now, so just contact me so i can start working on it ... feedback from UPwork company [url removed, login to view]~01f607c0270a3c7419/ Plus

45 $ USD en 0 jours
(0 Commentaires)
0.0
tskshad

It's looks like your site/server is infected by malware. Does your site based on Wordpress?

30 $ USD en 3 jours
(0 Commentaires)
0.0
uniquecode4

Greeting! I will do it. I am 7+ years experienced in Core PHP with OOP/Procedures, CakePHP, CodeIgniter, MySql, MSSQL, MSAccess, CSV, Excel, XML, JS, AJAX, jQuery, JSON, XSLT, HTML, HTML5, Websites speedup task, Pa Plus

25 $ USD en 3 jours
(0 Commentaires)
0.0