• Call
  • Email
  • +971 588 766 297 (UAE)
  • +91-911 113 6555 (IND)
  • info@synramtechnolab.com
  • Home
  • About Us
  • Services
    • CMS
      • Drupal Development
      • Joomla Development
      • Magento Development
      • WordPress Development
    • Marketing
      • Bing Advertising
      • Google Advertising
      • Internet Marketing
      • Social Media Marketing
      • Digital Marketing
      • SEO Packages
    • Development
      • PHP Custom Web Development
      • Open Source Development
      • E-commerce website development
      • Mean Full Stack Development
      • Mern Full Stack Development
      • Mobile App Development
      • App CMS Development
      • Maintenance
    • Web Design
      • Website Designing
      • Website Redesign
      • Logo Design
  • Portfolio
  • Product
    • School Management System
    • Hospital Management System
    • E-commerce Grocery Store
    • Pos system
    • Taxi Booking mobile Application
    • Multipurpose Mobile Application
    • Salon / Spa Mobile Application
    • Food Delivery Application
  • Resources
    • Blog
    • Web Stories
    • Case study
      • case study
      • Case Study | Digital Marekting
  • Contact Us
    • General enquiry
    • Career enquiry
  • Get Free Quote
+91-94065-80029
whatsapp

How to resolve Eval Base64 Malicious Code’s Problem?

Home » Case Study » How to resolve Eval Base64 Malicious Code’s Problem?
May 13, 2014

This is SynramTechnolab Blog and in this blog, you will learn what is Eval base code, how much dangerous it is for website and most important thing how to remove it. If you read the complete, I can make you sure that, you will get rid of this malicious code.

Introduction

Eval code 64 is a malicious code that is infused by hackers in the site’s code line. This dangerous code is highly infectious and can result in site crash, Google search problems and also infects entire system with malware. An apparent indication of a compromised site is when you see it loading with blank white pages. After SSH’ing into the server you can come up with wp-config.php file. And the thing that come next is eval(base64_decode(“ZXJy….line which confirms that your site has been  compromised. In such cases attackers fuse the malicious code with PHP base64_encode () function. Then they use the base64_decode() function to decode (i.e. un-hide) it. Finally, the PHP eval () function is used to ‘run’ (or EVALuate) the malicious code. They place the malicious line at the top of as many PHP files as they can.

To peek into the fused code copy and paste the whole line into a new PHP file and then replace eval(base64_decode(….)); with echo base64_decode(…);. That will print out the PHP code that the attacker is trying to run.

Danger posed by hackers.

As we have understood that this code is highly dangerous and if not taken preventive measures in time then apart from the website it can spread and infect entire system with malware.

Most often hacker’s intention is to redirect the site to some other domain in order to make money. Suppose if a hacker earns as miniscule amount as $0.01 for redirection to an ad somewhere on the Gigantic World of web then they could earn unimaginable amount of illegitimate money by infecting any popular site.

While dealing with such problem or performing the cleaning process you can temporarily block access to the site by adding the deny, allow command to the top of .htaccess in the root folder of the website. Then allow deny command must deny access from all and allow only from your IP address (if .htaccess file doesn’t already exist, you’ll want to create it).

 

Once it is done you initiated the cleaning process and not let the attacker any chance to infect other files.

Synram Technolab team would like to share the simple Solution to the problem is here. If you see the malicious Eval base code in your website in any file then finding that list of infected files is rather too long editing each file will be too time consuming but thankfully there is an easier way of doing it by running a link specially designed to identify files and remove such malicious code. We have the file which you can run on your browser and that file will work in a way that not only it will remove malicious/infected files but also will show you what were the infected files, there you do not need to search the directory for any files that may contain the malicious code.

After running that link on your browser you can find all .php files in current directory and subdirectories and search for the malicious line and replace it with nothing, doing so you can easily eliminate the malicious code from each line.  You must repeat the process to check any discrepancy.

Here is the sample code:

(you just need to ask for the code either by mailing us or by commenting on this blog, we will give you the code on your email free of cost).

As we all know that ‘prevention is always better than cure’. Believing in this wisdom here are some pointers for you to prevent your website and system from this malicious code.

  • 1. Install security plug-ins. You can opt for plugins like better WP security, Bullet proof security.
  • 2. Rewrite the prefix of database
  • 3. Change the username of wp admin
  • 4. To see the decoded version of eval base code. Check out the decoded code and see what it meant for. Here is the website http://www.base64decode.org/
  • 5. when your website get infected with this code, just close down the website immediately till you fix it by putting underconstruction tag so that Google can not blacklist it. If blacklisted by Google then it tags the website with a warning page , then you will need to take the following steps:

 

What you’ll do:

  1. Confirm you’ve completed the requisite steps:
    • – Verified ownership of your site in Webmaster Tools
    • – Cleaned your site of the hacker’s vandalism
    • – Corrected the vulnerability
    • – Brought your clean site back online
  2. Double-check that your pages are available and clean

To be safe, use either Wget or cURL to safely view pages on your site, such as your homepage and a URL modified by the hacker that should now be clean. If these URLs return content free of the hacker’s damage (and you’re confident that same applies to the rest of the pages on your site), it’s time to request a review.

3. Here is the last steps to follow:

a. Click the link for the site which will take you to the Dashboard for the site

b. Click Diagnostics, and then click Malware.
c. Click the link “Request a Review” and submit the requested information.

or if the link is not there try

a. Click the link [ More Details ] from the red malware warning bar
b. Click the link “Request a Review” and submit the requested information.

Recent Posts
  • What is artificial intelligence, how does it work?
  • Is Progressive Web App Development is better, secure and price friendly option in 2023?
  • Identifying and Preventing Plagiarism in the Digital Marketing Business
  • File a Complaint on Cyber Crime Cell: A Complete Guide
  • 3 Ways you can develop your buildings in the Metaverse
  • A Complete Guide to Buy Virtual Land in the Metaverse
  • A Complete Solution to make a Doctor on demand Telemedicine App
  • Beware From Cyberattacks During Holidays
  • Everything You Need to Know About NFT
  • Live Commerce : The next big thing.
  • 5 Tools that help you find and Remove the Copied Content
  • Funding Alert: Bikry App gets funding from YCombinators.
  • Bitcoin And Blockchain: Facts And Difference Between Bitcoin & Blockchain
  • Augmented Reality (AR): It’s Use And How It’s Different From VR.
  • Why List Businesses In Online Business Directories?
  • Glance Brings Interactive Content At Your Lock Screen.
  • Top 3 E-commerce Design Checklist: Built Ecommerce User Friendly
  • Google Giving Chance To Earn While Sitting At Home
  • Why Flutter Development is the best choice for mobile app development in 2021
  • Future of Digital Marketing
  • Reels by Instagram & Micro video sharing platform
  • Alternatives of 59 Chinese Mobile Apps which are banned by GOI
  • 5 things business can do during and post lockdown
  • Free Advertising on Google Adwords – A cheerful & big step taken by Google amidst Corona Crisis.
  • 6 Digital Marketing Strategies You Can Implement Yourself For Your Business
  • How can you choose a web and mobile application development company?
  • Tips to consider before carrying out idea/product development
  • 6 Perfect Mobile App Ideas which are yet to Explore 2019
  • A Free Tool for Increasing Your Website Speed
  • Top Level Domain Extensions which Suits to Your Business
  • 5 Ways to Stop Indexing Directories by Crawlers
  • Best SEO Strategies for E-Commerce Websites
  • What Makes You Different from Your Competitors?
  • Google Closing Its Inbox App
  • How to Prevent Malware Attacks
  • Why Your Business Needs a Website?
  • Internal and External Linking That Google Will Love in Your Blog Content
  • Local Business Marketing SEO Tips 2019
  • WhatsApp Business API Launched for Betterment of Customer Service
  • Boost Traffic & Gain More Customers

GET IN TOUCH NOW. WE ARE HERE TO HELP!



    Blog

    • How to Improve Website Ranking?
    • CodeIgniter – A Powerful PHP Framework
    • Is Your Website Still Hurting from Penguin Update?
    • E-Commerce Design and it’s Benefits
    • 3 Ways you can develop your buildings in the Metavers
    • Live Commerce : The next big thing.
    • Augmented Reality (AR): It’s Use And How It’s Different From VR.
    • A Complete Solution to make a Doctor on demand Telemedicine App

    Our Services

    • Logo Design
    • Website Development
    • Our IT Company
    • Website Design
    • Software Enterprise
    • Our Blog
    • Website Design
    • Website Redesign
    • Website Maintenance

    our prroduct

    • School Management
    • Hospital Management
    • E-commerce Grocery Store
    • Pos system
    • Taxi Booking mobile Application
    • Multipurpose Mobile Application
    • Salon / Spa Mobile Application
    • Food Delivery Application

    CONTACT US

    • Synram Software Services Pvt ltd
      GST NO. 23AAZCS1803R1ZN
      India:
      Office 1: G-8 Vyankateshwaram, Patel Nagar, City Center, Gwalior
      Office 2: Gurugram, Sector 44, 91 Springboard
      India: +91-91111-36-555, +91-911-113-7555
      Dubai:
      Office: Floor 13, Aspin Tower Budget Business Center Sheikh Zayed Road, Nearest to Financial Center Metro Station PO Box 46610 Dubai
      Dubai : 0588-766-297
      Canada:
      Office: 88 Monkton Circle, Brampton, ON L6Y 5Z5

    Content Management System

    • WordPress Development
    • Drupal Development
    • Joomla Development
    • Magento Development

    Policies

    • Privacy Policy
    • Refund Policy
    • Terms of use
    • Site Map

    Web Development

    • Open Source Development
    • PHP Custom Web Development

    Internet Marketing

    • Google Advertising
    • Bing Advertising
    • Search Engine Optimization
    • Social Media Optimization
    About Your Website About Your Website Shopify DMCA
    STAY CONNECTED
    Facebook Twitter Pinterest Linkedin Linkedin Linkedin Linkedin
    WEBMASTER: seo@synram.co
    PAYMENT OPTIONS
    Payment Options
    Copyright © 2022 All Rights Reserved. Rated 4.9/5 4.9 Rating based on Google Plus reviews and rating. Check out here! Synram Technolab
    Go to mobile version