search
HomeBackend DevelopmentPHP Tutorial php 漏洞提问 急解决思路

php 漏洞提问 急....
我们网站不知道怎么的多了个test.php

内容如下 :



找了很多资料,也没看出个大概..

1. 我想知道这个一般是怎么注入到我们网站里的??

2. 它主要起什么作用??

我们网站其它原文件应该不会也被注入了吧...

------解决方案--------------------
1.首先在php.ini设定禁用eval函数(需确认系统中未使用此函数――普通系统很少用此函数)
2.搜索所有访问test.php的IP地址

搜集完资料后整理出来,报案。



BatchFile code
inetnum: 222.32.0.0 - 222.63.255.255
netname: CRTC
descr: CHINA RAILWAY TELECOMMUNICATIONS CENTER
descr: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
country: CN
admin-c: LQ112-AP
tech-c: LM273-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
changed: hm-changed@apnic.net 20030902
source: APNIC

route: 222.32.0.0/11
descr: CHINA RAILWAY TELECOMMUNICATIONS CENTER
country: CN
origin: AS9394
mnt-by: MAINT-CN-CRTC
changed: ipas@cnnic.cn 20040402
source: APNIC

person: LV QIANG
nic-hdl: LQ112-AP
e-mail: crnet_mgr@chinatietong.com
address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
phone: +86-10-51892111
fax-no: +86-10-51847845
country: CN
changed: ipas@cnnic.net.cn 20060911
mnt-by: MAINT-CNNIC-AP
source: APNIC

person: liu min
nic-hdl: LM273-AP
e-mail: crnet_tec@chinatietong.com
address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
phone: +86-10-51848796
fax-no: +86-10-51842426
country: CN
changed: ipas@cnnic.net.cn 20041208
mnt-by: MAINT-CNNIC-AP
source: APNIC

inetnum: 222.32.0.0 - 222.63.255.255
netname: CRTC
descr: CHINA RAILWAY TELECOMMUNICATIONS CENTER
descr: 22F Yuetan Mansion,Xicheng District,Beijing,China
country: CN
admin-c: LQ112-CN
tech-c: LM273-CN
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20030902
mnt-by: MAINT-CNNIC-AP
source: CNNIC

person: LV QIANG
nic-hdl: LQ112-CN
e-mail: crnet_mgr@chinatietong.com
address: 22F Yuetan Mansion,Xicheng District,Beijing
phone: +86-10-51892111
fax-no: +86-10-51847845
country: CN
changed: ipas@cnnic.cn 20060419
mnt-by: MAINT-CNNIC-AP
source: CNNIC

person: liu min
nic-hdl: LM273-CN
e-mail: crnet_tec@chinatietong.com
address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
phone: +86-10-51848796
fax-no: +86-10-51842426
country: CN
changed: ipas@cnnic.net.cn 20041208
mnt-by: MAINT-CNNIC-AP
source: CNNIC <div class="clear">
                 
              
              
        
            </div>
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Source Insight在Ubuntu系统中的使用方法解析Source Insight在Ubuntu系统中的使用方法解析Jan 08, 2024 pm 11:49 PM

相信很多朋友在Windows下都习惯用SourceInsight来阅读分析源代码了,对于LINUX下面的工具,确实有比较高效的,配置起来起对比较麻烦,也比较繁琐,相信很多人肯定希望能在Linux下面也能用到SourceInsight,下面小编将为大家带来Ubuntu中SourceInsight的使用详解!一起去看看吧!这是我的系统信息:Linuxgavin-laptop2.6.32-40-generic#87-UbuntuSMPTueMar600:56:56UTC2012x86_64GNU/Li

source是什么按键呢source是什么按键呢Oct 10, 2023 pm 03:26 PM

source是切换输入信号源或选择不同的输入源的按键。通常出现在电视、投影仪、音响系统、电脑显示器等设备上。在电视上,source按键可以让用户切换不同的输入源,从而在电视上播放不同的内容。在投影仪上,source按键的作用类似,可以将不同的设备连接到投影仪上。在音响系统上,source按键用于切换不同的音频输入源。在电脑显示器上,source按键的作用与电视和投影仪类似等等。

RTX 4090 D with 48 GB and RTX 4080 Super with 32 GB: Modified GPUs appear in ChinaRTX 4090 D with 48 GB and RTX 4080 Super with 32 GB: Modified GPUs appear in ChinaAug 12, 2024 pm 09:49 PM

X user bdsqlsz recentlydiscoveredthat his cloud computing provider has both an Nvidia Geforce RTX 4090 D with 48 GB of RAM and a Geforce RTX 4080 Super with 32 GB of RAM. In both cases, this represents a doubling of the usual video memory. The user r

Pocket386 ultra-portable laptop quietly released with Win95 compatibility and uncommon processorPocket386 ultra-portable laptop quietly released with Win95 compatibility and uncommon processorJun 24, 2024 am 06:46 AM

The key specs of the new laptop are likely to remind some of their school days. It has 8 MB of memory and a 7-inch IPS display that supports 640 x 480 (4:3) and 800 x 480 modes; lots of retro ports and a 386 SX-compatible Ali M6117 processor running

BYD may avoid America\'s outsourcing mistakes with knock-down kits for export assemblyBYD may avoid America\'s outsourcing mistakes with knock-down kits for export assemblySep 13, 2024 am 09:15 AM

When the US started outsourcing its manufacturing industry to China in the 80s, the move was sold as a clever business strategy that generated hefty returns for shareholders. The short-term cost reductions, however, resulted not only in the loss of s

Deepin V23 RC2 arrives with tweaks galore and optimizations aplentyDeepin V23 RC2 arrives with tweaks galore and optimizations aplentyJun 28, 2024 am 07:45 AM

The AI-enabled Deepin Linux distro has just received its latest update, dubbed V23 RC2. This version of Deepin comes with a number of package updates and new features. But it's not all about the features; the look and feel are the main spotlight of t

Infinix Note 40s gets listed online with all features and specificationsInfinix Note 40s gets listed online with all features and specificationsJun 30, 2024 pm 09:32 PM

Infinix Note 40s is the newest addition to the Note 40 lineup. Not much is under wraps; the phone is now listed with all its features on the official webpage, as spotted by PassionateGeekz. Other phones currently found in the Infinix Note series (the

Apple Intelligence rolls out globally in iOS 18.1 beta 3 — EU and China still in Apple\'s dog boxApple Intelligence rolls out globally in iOS 18.1 beta 3 — EU and China still in Apple\'s dog boxAug 31, 2024 am 10:19 AM

Apple announced its Apple Intelligence features back in June, and they initially made an appearance in the latest iOS 18 beta versions for the iPhone 15 Pro models and any iPad or Mac with an M1 SoC or newer. However, there have been a few location-r

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

Hot Tools

WebStorm Mac version

WebStorm Mac version

Useful JavaScript development tools

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor