that's a base64 encoded backdoor and I assume the backdoor code is right after the opening tag of every php file mentionned above.First, start with shutting down the website until the problem is solved, there maybe an exploit kit ( assuming worse case here ) and it would affect your website visitors.Then, try to find out what's the vulnerability that caused your website to be hacked ( apache logs would be a quick way to find out ) , fix it in the backup files and restart your website.Honestly, it won't be sthg easy if you didn't already know how to do it.Quick and dirty solutions will only delay getting your website hacked again
↧