How does this giant regex work?

Question

I recently found the code below in one of my directories, in a file called doc.php. The file functions or links to a file manager. It\'s quite nicely done. Basi

Answer 1

This all most likely happened due to the timthumb.php hack.

If you are running an outdated version of timthumb.php with your theme this is the most common exploit. I noticed that these obfuscated PHP files were appearing in timthumb's /cache/ folder so I attributed it to this hack.

Updating the timthumb file should solve this problem.