I have just taken over a website for a client.
The site was pretty basic - just a few html files and some images. But, when i looked on the server there was this strange subdirectory named unexempt which contains about 100 php files and an index.css.
<snip/>
They don’t look very friendly to me, but can anyone explain exactly what is going on?
cheers.
From what I can see it’s a malicious script aimed at creating a lot of php files containing links to their own websites for link building.
That being said, if you want to know what a suspicious looking script does, please don’t post it. There is no need to make it more available to others. Put your curiosity about how it works and what it does on hold, and ask for help on how to clean-up and improve your security against further attacks instead.
I’ve removed the code from your post.
only links, and no scripts or obfuscated code or redirector?
Probably using keywords that generate high search traffic, luring them to a totally unrelated website. Black hat seo if you ask me.
Didn’t mean to offend you! Sorry if I did! :x
Sorry - didn’t think…
I thought it must be link building somehow, but the phrases seemed so random - from cookery to aerosmith to rust removal. How can that help anyone?
…and it wasn’t ‘my site’ when it got hacked!