ホームページ >バックエンド開発 >PHPチュートリアル >php 漏洞提问 急解决思路
php 漏洞提问 急....
我们网站不知道怎么的多了个test.php
内容如下 :
找了很多资料,也没看出个大概..
1. 我想知道这个一般是怎么注入到我们网站里的??
2. 它主要起什么作用??
我们网站其它原文件应该不会也被注入了吧...
------解决方案--------------------
1.首先在php.ini设定禁用eval函数(需确认系统中未使用此函数——普通系统很少用此函数)
2.搜索所有访问test.php的IP地址
搜集完资料后整理出来,报案。
inetnum: 222.32.0.0 - 222.63.255.255netname: CRTCdescr: CHINA RAILWAY TELECOMMUNICATIONS CENTERdescr: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinacountry: CNadmin-c: LQ112-APtech-c: LM273-APstatus: ALLOCATED PORTABLEmnt-by: MAINT-CNNIC-APchanged: [email protected] 20030902source: APNICroute: 222.32.0.0/11descr: CHINA RAILWAY TELECOMMUNICATIONS CENTERcountry: CNorigin: AS9394mnt-by: MAINT-CN-CRTCchanged: [email protected] 20040402source: APNICperson: LV QIANGnic-hdl: LQ112-APe-mail: [email protected]address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51892111fax-no: +86-10-51847845country: CNchanged: [email protected] 20060911mnt-by: MAINT-CNNIC-APsource: APNICperson: liu minnic-hdl: LM273-APe-mail: [email protected]address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51848796fax-no: +86-10-51842426country: CNchanged: [email protected] 20041208mnt-by: MAINT-CNNIC-APsource: APNICinetnum: 222.32.0.0 - 222.63.255.255netname: CRTCdescr: CHINA RAILWAY TELECOMMUNICATIONS CENTERdescr: 22F Yuetan Mansion,Xicheng District,Beijing,Chinacountry: CNadmin-c: LQ112-CNtech-c: LM273-CNstatus: ALLOCATED PORTABLEchanged: [email protected] 20030902mnt-by: MAINT-CNNIC-APsource: CNNICperson: LV QIANGnic-hdl: LQ112-CNe-mail: [email protected]address: 22F Yuetan Mansion,Xicheng District,Beijingphone: +86-10-51892111fax-no: +86-10-51847845country: CNchanged: [email protected] 20060419mnt-by: MAINT-CNNIC-APsource: CNNICperson: liu minnic-hdl: LM273-CNe-mail: [email protected]address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51848796fax-no: +86-10-51842426country: CNchanged: [email protected] 20041208mnt-by: MAINT-CNNIC-APsource: CNNIC<div class="clear"> </div>