最近我的网站和朋友的网站老是被挂马,管理员密码也被修改。
现在的开源程序帐号不都是MD5加密的嘛,百度终于知道原因了,原来是在登录页面插入了代码,我只要一登录帐号和密码就明文生成到一个TXT文本文件上面。
我已经覆盖修复了文件,并做了防御,但是我想研究一下,当初那哥们,怎么生成TXT文件的。求修改代码。login.php文件代码 <?php
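require_once(dirname(dirname(__FILE__)) . '/app.php');

/*
 * Admin login handler.
 *
 * On a non-empty POST the submitted username/password are checked through
 * ZUser::GetLogin(); only an account whose 'manager' field is 'Y' gets the
 * admin session keys. Otherwise (or on GET) the login template is rendered.
 *
 * This script handles the submitted password before any hashing can happen,
 * so an unauthorized edit to this file can expose credentials no matter how
 * they are stored. Keep it non-writable by the web server account and compare
 * it against a known-good copy.
 */
if ( $_POST ) {
    /* Accept plain strings only: a missing field or an array value
       (e.g. username[]=x) is passed on as an empty string instead. */
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $login_admin = ZUser::GetLogin($username, $password);

    /* Strict comparison: before PHP 8 a numeric 0 compares loosely equal to 'Y'. */
    if ( !$login_admin || $login_admin['manager'] !== 'Y' ) {
        Session::Set('error', '用户名密码不匹配!');
        redirect( WEB_ROOT . '/manage/login.php');
    } else {
        /* NOTE(review): the session id is not regenerated in this script after a
           successful login; confirm Session/ZUser do it elsewhere. */
        Session::Set('admin_id', $login_admin['id']);
        Session::Set('user_id', $login_admin['id']);
        redirect( WEB_ROOT . '/manage/index.php');
    }
}

include template('manage_login');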
APP.php文件代码<?php
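require_once(dirname(__FILE__). '/include/application.php');

/*
 * Application bootstrap: filters the request superglobals, starts the session,
 * loads the INI configuration and prepares the globals ($currency, $login_user,
 * $city, $cities, $AJAX, ...) that are assigned below.
 */

/* magic_quotes_gpc */
/* NOTE(review): magic_gpc() is defined elsewhere. If it only emulates magic
   quotes, it is not a substitute for parameterized queries - confirm. */
$_GET = magic_gpc($_GET);
$_POST = magic_gpc($_POST);
$_COOKIE = magic_gpc($_COOKIE);

/* process currefer */
$currefer = uencode(strval($_SERVER['REQUEST_URI']));

/* session,cache,configure,webroot register */
Session::Init();
$INI = ZSystem::GetINI();
/* end */

/* date_zone */
if (function_exists('date_default_timezone_set')) {
    date_default_timezone_set($INI['system']['timezone']);
}
/* end date_zone */

/* biz logic */
$currency = $INI['system']['currency'];
$login_user_id = ZLogin::GetLoginId();
$login_user = Table::Fetch('user', $login_user_id);
$hotcities = option_hotcategory('city', false, true);
$allcities = option_category('city', false, true);
$city = cookie_city(null);

/* Remember the first Referer seen. The header is optional and client-supplied,
   so it is only stored when present, and whatever later reads the 'referer'
   cookie must treat it as untrusted input. */
if (!isset($_COOKIE['referer']) && isset($_SERVER['HTTP_REFERER'])) {
    setcookie('referer', $_SERVER['HTTP_REFERER']);
}

/* not allow access app.php */
/* NOTE(review): this guard runs only after the session, database and cookie
   work above; confirm whether it can be moved up next to the require_once. */
if ($_SERVER['SCRIPT_FILENAME'] === __FILE__) {
    redirect( WEB_ROOT . '/index.php');
}
/* end */

/* X-Requested-With is set by the client; here it only selects the response
   headers and whether run_cron() is called. It must not be used as an
   authorization signal. */
$AJAX = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
    && 'XMLHttpRequest' === $_SERVER['HTTP_X_REQUESTED_WITH'];
if (!$AJAX) {
    header('Content-Type: text/html; charset=UTF-8');
    run_cron();
} else {
    header("Cache-Control: no-store, no-cache, must-revalidate");
}

/* city */
$cities = DB::LimitQuery('category', array(
    'condition' => array( 'zone' => 'city') ,
    'order' => 'ORDER BY sort_order DESC',
));
$cities = Utility::AssColumn($cities, 'letter', 'ename');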
现在的开源程序帐号不都是MD5加密的嘛,百度终于知道原因了,原来是在登录页面插入了代码,我只要一登录帐号和密码就明文生成到一个TXT文本文件上面。
我已经覆盖修复了文件,并做了防御,但是我想研究一下,当初那哥们,怎么生成TXT文件的。求修改代码。login.php文件代码 <?php
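require_once(dirname(dirname(__FILE__)) . '/app.php');

/*
 * Admin login handler.
 *
 * On a non-empty POST the submitted username/password are checked through
 * ZUser::GetLogin(); only an account whose 'manager' field is 'Y' gets the
 * admin session keys. Otherwise (or on GET) the login template is rendered.
 *
 * This script handles the submitted password before any hashing can happen,
 * so an unauthorized edit to this file can expose credentials no matter how
 * they are stored. Keep it non-writable by the web server account and compare
 * it against a known-good copy.
 */
if ( $_POST ) {
    /* Accept plain strings only: a missing field or an array value
       (e.g. username[]=x) is passed on as an empty string instead. */
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $login_admin = ZUser::GetLogin($username, $password);

    /* Strict comparison: before PHP 8 a numeric 0 compares loosely equal to 'Y'. */
    if ( !$login_admin || $login_admin['manager'] !== 'Y' ) {
        Session::Set('error', '用户名密码不匹配!');
        redirect( WEB_ROOT . '/manage/login.php');
    } else {
        /* NOTE(review): the session id is not regenerated in this script after a
           successful login; confirm Session/ZUser do it elsewhere. */
        Session::Set('admin_id', $login_admin['id']);
        Session::Set('user_id', $login_admin['id']);
        redirect( WEB_ROOT . '/manage/index.php');
    }
}

include template('manage_login');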
APP.php文件代码<?php
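require_once(dirname(__FILE__). '/include/application.php');

/*
 * Application bootstrap: filters the request superglobals, starts the session,
 * loads the INI configuration and prepares the globals ($currency, $login_user,
 * $city, $cities, $AJAX, ...) that are assigned below.
 */

/* magic_quotes_gpc */
/* NOTE(review): magic_gpc() is defined elsewhere. If it only emulates magic
   quotes, it is not a substitute for parameterized queries - confirm. */
$_GET = magic_gpc($_GET);
$_POST = magic_gpc($_POST);
$_COOKIE = magic_gpc($_COOKIE);

/* process currefer */
$currefer = uencode(strval($_SERVER['REQUEST_URI']));

/* session,cache,configure,webroot register */
Session::Init();
$INI = ZSystem::GetINI();
/* end */

/* date_zone */
if (function_exists('date_default_timezone_set')) {
    date_default_timezone_set($INI['system']['timezone']);
}
/* end date_zone */

/* biz logic */
$currency = $INI['system']['currency'];
$login_user_id = ZLogin::GetLoginId();
$login_user = Table::Fetch('user', $login_user_id);
$hotcities = option_hotcategory('city', false, true);
$allcities = option_category('city', false, true);
$city = cookie_city(null);

/* Remember the first Referer seen. The header is optional and client-supplied,
   so it is only stored when present, and whatever later reads the 'referer'
   cookie must treat it as untrusted input. */
if (!isset($_COOKIE['referer']) && isset($_SERVER['HTTP_REFERER'])) {
    setcookie('referer', $_SERVER['HTTP_REFERER']);
}

/* not allow access app.php */
/* NOTE(review): this guard runs only after the session, database and cookie
   work above; confirm whether it can be moved up next to the require_once. */
if ($_SERVER['SCRIPT_FILENAME'] === __FILE__) {
    redirect( WEB_ROOT . '/index.php');
}
/* end */

/* X-Requested-With is set by the client; here it only selects the response
   headers and whether run_cron() is called. It must not be used as an
   authorization signal. */
$AJAX = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
    && 'XMLHttpRequest' === $_SERVER['HTTP_X_REQUESTED_WITH'];
if (!$AJAX) {
    header('Content-Type: text/html; charset=UTF-8');
    run_cron();
} else {
    header("Cache-Control: no-store, no-cache, must-revalidate");
}

/* city */
$cities = DB::LimitQuery('category', array(
    'condition' => array( 'zone' => 'city') ,
    'order' => 'ORDER BY sort_order DESC',
));
$cities = Utility::AssColumn($cities, 'letter', 'ename');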
======
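POST过来的数据都是明文的哈,直接拿POST里面的数据,然后file_put_contents()不就搞定了?MD5只作用于数据库里保存的密码,登录页面收到的$_POST在校验之前还是明文,所以被插进login.php的代码在这一步就能读到帐号密码。防御的重点是登录文件本身:去掉Web进程对程序文件的写权限,并定期把文件和官方原版做校验比对。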