

Being hacked killed a 6k traffic spike on my blog yesterday - Swizec
http://swizec.com/blog/being-hacked-killed-my-blogs-6k-traffic-spike-yesterday/swizec/1723

======
eiji
FWIW (from game.php):

    
    
      eval(base64_decode('<long encoded stream>')
    

decodes to:

    
    
      $passwd = array('root' => '12befbfe1068efa2d6813188cb48f796');
    
      if (!isset($_SERVER['PHP_AUTH_USER']) ||
          !isset($_SERVER['PHP_AUTH_PW']) ||
          !isset($passwd[$_SERVER['PHP_AUTH_USER']]) ||
          $passwd[$_SERVER['PHP_AUTH_USER']] != md5($_SERVER['PHP_AUTH_PW'])) {
        header('WWW-Authenticate: Basic realm="HELP 1.8"');
        header('HTTP/1.0 401 Unauthorized');
        $authenticated = true;
        echo "<html><head><title>Access Denied</title></head><h1>Access denied</h1><hr><body></body></html>";
        exit(0);
    
      } else {
        $authenticated = true;
      }

------
dibarra
By the way, simply put, load averages are computed based on the number of
processes in contention for the CPU, and are calculated based on a single CPU
average. So, a load of 70 means 70 processes were in contention of the CPU,
meaning the system is overloaded by 7000% (assuming the server had only one
CPU core.)

<http://en.wikipedia.org/wiki/Load_(computing)>

