网站的目录
D:\铺面网\nnpm.cnD:\铺面网 多出一些文件和文件夹boot.ini(文件夹)
-0.htm______.html
-0.jpg______.html
-0______.htmlboot.ini______.html(文件)etc(文件夹)
-passwd______.html
-passwd(文件夹)
-0______.html
-0.jpg______.html
-0.html______.html所有的html文件都是
http://www.nnpm.cn/search.html
页面的HTML代码但是很多链接都改成了
../../../../../../../../boot.ini\\0.htm
类似的网址下面其中一个HTML的部分代码
比如D:\铺面网\boot.ini\0.htm______.html
type="text/javascript">cssdropdown.startchrome("navMenu")</script><script type="text/javascript" src="/upload/js/nav.js"></script><!-- 导航结束 --><div class="content"><div class="gg"><a href="/" title="南宁铺面网" class="dblue12_link">南宁铺面网</a> >> <a href="/search.html" title="南宁商铺列表" class="dblue12_link">南宁商铺列表</a> >> </div><div class="dhnr"><div class="dhnr_con"><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 区域: </div><div class="dh1_bt_right1"><!--[if !IE]>大区域开始<![endif]--><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/1.html">青秀区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/2.html">西乡塘区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/3.html">兴宁区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/4.html">江南区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/5.html">邕宁区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/186.html">良庆区</a></li></ul><!--[if !IE]>大区域结束<![endif]--></div></div></div><!--[if !IE]>2区域开始<![endif]--><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 业态: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/1.html">餐饮食品</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/2.html">娱乐休闲</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/3.html">宾馆旅馆</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/4.html">美容美发</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/18.html">百货超市</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/19.html">电子通讯</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/20.html">服装鞋包</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/21.html">家居建材</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/22.html">生活服务</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/23.html">教育培训</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/24.html">汽修汽配</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/25.html">医药保健</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/129.html">空铺</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/132.html">厂房土地</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/148.html">其他</a></li></ul></div></div></div><!--[if !IE]>2区域结束<![endif]--><!--[if !IE]>3区域开始<![endif]--><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 面积: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/20.html">小于等于20m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/21-50.html">21-50m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/51-70.html">51-70m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/71-90.html">71-90m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/91-110.html">91-110m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/111-130.html">111-130m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/131-150.html">131-150m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/151-200.html">151-200m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/201-300.html">201-300m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/301-500.html">301-500m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/501.html">大于500m<sup>2</sup></a></li></ul></div></div></div><!--[if !IE]>3区域结束<![endif]--><!--[if !IE]>4区域开始<![endif]--><!--<div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 租金: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/my.html">面议</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/800.html">小于等于800元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/801-1500.html">801-1500元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/1501-2000.html">1501-2000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/2001-3000.html">2001-3000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/3001-4500.html">3001-4500元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/4501-6000.html">4501-6000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/6001-8000.html">6001-8000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/8001-10000.html">8001-10000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/10001.html">大于10000元</a></li>
这个到底是什么类型的漏洞攻击,可以自动生成文件和文件夹的?
D:\铺面网\nnpm.cnD:\铺面网 多出一些文件和文件夹boot.ini(文件夹)
-0.htm______.html
-0.jpg______.html
-0______.htmlboot.ini______.html(文件)etc(文件夹)
-passwd______.html
-passwd(文件夹)
-0______.html
-0.jpg______.html
-0.html______.html所有的html文件都是
http://www.nnpm.cn/search.html
页面的HTML代码但是很多链接都改成了
../../../../../../../../boot.ini\\0.htm
类似的网址下面其中一个HTML的部分代码
比如D:\铺面网\boot.ini\0.htm______.html
type="text/javascript">cssdropdown.startchrome("navMenu")</script><script type="text/javascript" src="/upload/js/nav.js"></script><!-- 导航结束 --><div class="content"><div class="gg"><a href="/" title="南宁铺面网" class="dblue12_link">南宁铺面网</a> >> <a href="/search.html" title="南宁商铺列表" class="dblue12_link">南宁商铺列表</a> >> </div><div class="dhnr"><div class="dhnr_con"><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 区域: </div><div class="dh1_bt_right1"><!--[if !IE]>大区域开始<![endif]--><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/1.html">青秀区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/2.html">西乡塘区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/3.html">兴宁区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/4.html">江南区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/5.html">邕宁区</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/area/186.html">良庆区</a></li></ul><!--[if !IE]>大区域结束<![endif]--></div></div></div><!--[if !IE]>2区域开始<![endif]--><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 业态: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/1.html">餐饮食品</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/2.html">娱乐休闲</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/3.html">宾馆旅馆</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/4.html">美容美发</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/18.html">百货超市</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/19.html">电子通讯</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/20.html">服装鞋包</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/21.html">家居建材</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/22.html">生活服务</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/23.html">教育培训</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/24.html">汽修汽配</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/25.html">医药保健</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/129.html">空铺</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/132.html">厂房土地</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/type/148.html">其他</a></li></ul></div></div></div><!--[if !IE]>2区域结束<![endif]--><!--[if !IE]>3区域开始<![endif]--><div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 面积: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/20.html">小于等于20m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/21-50.html">21-50m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/51-70.html">51-70m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/71-90.html">71-90m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/91-110.html">91-110m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/111-130.html">111-130m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/131-150.html">131-150m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/151-200.html">151-200m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/201-300.html">201-300m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/301-500.html">301-500m<sup>2</sup></a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/size/501.html">大于500m<sup>2</sup></a></li></ul></div></div></div><!--[if !IE]>3区域结束<![endif]--><!--[if !IE]>4区域开始<![endif]--><!--<div class="dh2"><div class="dh1_bt"><div class="dh1_bt_left"> 租金: </div><div class="dh1_bt_right1"><ul><li class="black14_link_bg"><a href="/search/key/../../../../../../../../boot.ini\\0.htm.html">全部</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/my.html">面议</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/800.html">小于等于800元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/801-1500.html">801-1500元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/1501-2000.html">1501-2000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/2001-3000.html">2001-3000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/3001-4500.html">3001-4500元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/4501-6000.html">4501-6000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/6001-8000.html">6001-8000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/8001-10000.html">8001-10000元</a></li><li class="black14_link"><a href="/search/key/../../../../../../../../boot.ini\\0.htm/price/10001.html">大于10000元</a></li>
这个到底是什么类型的漏洞攻击,可以自动生成文件和文件夹的?
比如我通过攻击拿下你的shell(这种方法就多了去了……),那么我可以直接登录服务器,ftp等方式上传文件。再如,你的网站有上传图片的接口,如果上传文件接口有漏洞,没有过滤好、没有限制好,那么我上传一个脚本文件,传成功后我在网页调用它,一样可以生成很多文件。很多网站都以为上传很安全,其实有不少特别是论坛这种,处理gif啥的做的都不好。同时,这种上传图片并以脚本执行,也与你的php版本有关。还有可能就是,你的这台机器不只是跑了这一个网站。一般我在尝试入侵网站的时候,遇到不好拿下的,一般都会深入搜索,看这个网站的服务器是否还提供了别的网站,若是别的网站有漏洞,攻击了以后也可以间接的影响到原始网站。
如果他能 直接登录服务器或者上传文件 那为什么好那么麻烦留下那么多的文件而且还是某个页面的HTML,并且改其中的链接?因为所有的html文件都跟搜索页有关,我觉得还是搜索页出了问题,通过某种漏洞生成这些文件
如果他能 直接登录服务器或者上传文件 那为什么好那么麻烦留下那么多的文件而且还是某个页面的HTML,并且改其中的链接?因为所有的html文件都跟搜索页有关,我觉得还是搜索页出了问题,通过某种漏洞生成这些文件你的意思是用户在搜索页输入搜索内容,而内容构造了“注入代码”?
如果是这样就要看你的php代码了,逐行检查一下,是否有调用php可以执行系统程序的语句,而接受的参数可以是用户输入的。
另外用户自己构造url参数,覆盖你的变量也是可以的。
如果他能 直接登录服务器或者上传文件 那为什么好那么麻烦留下那么多的文件而且还是某个页面的HTML,并且改其中的链接?因为所有的html文件都跟搜索页有关,我觉得还是搜索页出了问题,通过某种漏洞生成这些文件你的意思是用户在搜索页输入搜索内容,而内容构造了“注入代码”?
如果是这样就要看你的php代码了,逐行检查一下,是否有调用php可以执行系统程序的语句,而接受的参数可以是用户输入的。每个$_GET过来的参数都用htmlspecialchars和mysql_escape_string过滤,这样是否安全?PHP版本是5.2
如果他能 直接登录服务器或者上传文件 那为什么好那么麻烦留下那么多的文件而且还是某个页面的HTML,并且改其中的链接?因为所有的html文件都跟搜索页有关,我觉得还是搜索页出了问题,通过某种漏洞生成这些文件你的意思是用户在搜索页输入搜索内容,而内容构造了“注入代码”?
如果是这样就要看你的php代码了,逐行检查一下,是否有调用php可以执行系统程序的语句,而接受的参数可以是用户输入的。每个$_GET过来的参数都用htmlspecialchars和mysql_escape_string过滤,这样是否安全?PHP版本是5.2
首先5.2版本就有很多问题,最典型的就是hash的dos攻击,我同学的blog就是这个版本,我只要并发十几个请求,就把他的服务器8G内存搞满了,然后拒绝服务,5.3稳定一些。htmlspecialchars这种可以避免一些XSS攻击,而mysql_escape_string主要是避免mysql注入攻击,我觉得和你的问题不是一样的。
给你看一个文章吧,应该有助于你分析。http://sebug.net/vuldb/ssvid-60604
http://www.nnpm.cn/search.html
网站已经备份及时指出漏洞
没有诬陷只是怀疑,因为太巧合了。用的是THINKPHP自己开发的
还有搜索一些危险的函数 如黑帽子常用的“一句话后门”<?php eval($_POST['cmd']);?>