In several files, I found injected code in my PHP files. I attempted to Pastebin the code, but Pastebin actually wouldn’t accept the code. I tried various Pastebin alternatives as well, none of them would accept the code as-is, not even StackOverflow.
So what I’ve done is uploaded the to my own personal server and am hosting it from a *.txt file. If someone knows a better way, please let me know. I know it seems fishy (at least, my actions seem fishy even to me) and I apologize for that.
Also, there are three “paragraphs” of code, each paragraph was found on a different page, injected at the top of all 3. The first block of code is rather small, only about 5 or so lines after wordwrap. The other two blocks of code are quite lengthy, and in the 3rd block of code exists a 4th inline encoded string.
The injected code:
After expanding the first line, I noticed that there is a little file upload form that they put in there, with this Copyright…