0
Welcome Guest! Login
0 items Join Now

SOLVED Gantry last update and base64_decode, eval codes

Last Post
Search Topic

  • SOLVED Gantry last update and base64_decode, eval codes

    Posted 6 years 2 months ago
    • Hello all

      after the last update of Gantry, my hack scan detected in 2 files some base64_decode and eval codes.
      I wanted to check if that was a normal or my site had some code injection !
      the files are

      first file: /libraries/gantry5/classes/Gantry/Admin/Controller/Json/Filepicker.php

      Suspect Content Matches On Line: 363

      if (base64_decode($path, true) !== false) {


      Suspect Content Matches On Line: 364
      $path = urldecode(base64_decode($path));

      Suspect Content Matches On Line: 445
      if (base64_decode($path, true) !== false) {


      Suspect Content Matches On Line: 446
      $path = urldecode(base64_decode($path));



      secound file: /libraries/gantry5/vendor/twig/twig/lib/Twig/Test/IntegrationTestCase.php 2 days ago 8 KB 0640

      Suspect Content Matches On Line: 151
      ], $match[2] ? eval($match[2].';') : []);

      Suspect Content Matches On Line: 194

      $output = trim($template->render(eval($match[1].';')), "\n ");



      regards
    • Last Edit: 6 years 2 months ago by Hossam Zalabany.
    #1405411
    • Damir's Avatar
    • Damir
    • Preeminent Rocketeer
    • Posts: 22450
    • Thanks: 2679
    • Web Developer

    Re: SOLVED Gantry last update and base64_decode, eval codes

    Posted 6 years 2 months ago
    #1405412

  • Re: SOLVED Gantry last update and base64_decode, eval codes

    Posted 6 years 2 months ago
    • thanks a lot, will check at once !
    #1405413

  • Re: SOLVED Gantry last update and base64_decode, eval codes

    Posted 6 years 2 months ago
    • it is as source code, looks fine! thanks for reply it helped
      Have a nice evening!
    #1405414

Time to create page: 0.069 seconds