为什么刚装的discuz报毒
2022-7-4 18:34 来自 逝水年华 发布 @ Discuz!问题求助
webshell查杀发现/www/wwwroot/bbs.xxxx.cn目录中存在木马如下:
代码如下:复制代码
代码如下:
- <?php /** * (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: function_core.php 36342 2017-01-09 01:15:30Z nemohou $ */ if(!defined('IN_DISCUZ')) { exit('Access Denied'); } define('DISCUZ_CORE_FUNCTION', true); function durlencode($url) { static $fix = array('%21', '%2A','%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D'); static $replacements = array('!', '*', ';', ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", ""); return str_replace($fix, $replacements, urlencode($url)); } function system_error($message, $show = true, $save = true, $halt = true) { discuz_error::system_error($message, $show, $save, $halt); } function updatesession() { return C::app()->session->updatesession(); } function setglobal($key , $value, $group = null) { global $_G; $key = explode('/', $group === null ? $key : $group.'/'.$key); $p = &$_G; foreach ($key as $k) { if(!isset($p) || !is_array($p)) { $p = array(); } $p = &$p; } $p = $value; return true; } function getglobal($key, $group = null) { global $_G; $key = explode('/', $group === null ? $key : $group.'/'.$key); $v = &$_G; foreach ($key as $k) { if (!isset($v)) { return null; } $v = &$v; } return $v; } function getgpc($k, $type='GP') { $type = strtoupper($type); switch($type) { case 'G': $var = &$_GET; break; case 'P': $var = &$_POST; break; case 'C': $var = &$_COOKIE; break; default: if(isset($_GET)) { $var = &$_GET; } else { $var = &$_POST; } break; } return isset($var) ? $var : NULL; } function getuserbyuid($uid, $fetch_archive = 0) { static $users = array(); if(empty($users)) { $users = C::t('common_member'.($fetch_archive === 2 ? '_archive' : ''))->fetch($uid); if($fetch_archive === 1 && empty($users)) { $users = C::t('common_member_archive')->fetch($uid); } } if(!isset($users) && $uid == getglobal('uid') && getglobal('uid')) { $users = 1; } return $users; } function getuserprofile($field) { global $_G; if(isset($_G)) { return $_G; } static $tablefields = array( 'count' => array('extcredits1','extcredits2','extcredits3','extcredits4','extcredits5','extcredits6','extcredits7','extcredits8','friends','posts','threads','digestposts','doings','blogs','albums','sharings','attachsize','views','oltime','todayattachs','todayattachsize', 'follower', 'following', 'newfollower', 'blacklist'), 'status' => array('regip','lastip','lastvisit','lastactivity','lastpost','lastsendmail','invisible','buyercredit','sellercredit','favtimes','sharetimes','profileprogress'), 'field_forum' => array('publishfeed','customshow','customstatus','medals','sightml','groupterms','authstr','groups','attentiongroup'), 'field_home' => array('videophoto','spacename','spacedescription','domain','addsize','addfriend','menunum','theme','spacecss','blockposition','recentnote','spacenote','privacy','feedfriend','acceptemail','magicgift','stickblogs'), 'profile' => array('realname','gender','birthyear','birthmonth','birthday','constellation','zodiac','telephone','mobile','idcardtype','idcard','address','zipcode','nationality','birthprovince','birthcity','resideprovince','residecity','residedist','residecommunity','residesuite','graduateschool','company','education','occupation','position','revenue','affectivestatus','lookingfor','bloodtype','height','weight','alipay','icq','qq','yahoo','msn','taobao','site','bio','interest','field1','field2','field3','field4','field5','field6','field7','field8'), 'verify' => array('verify1', 'verify2', 'verify3', 'verify4', 'verify5', 'verify6', 'verify7'), ); $profiletable = ''; foreach($tablefields as $table => $fields) { if(in_array($field, $fields)) { $profiletable = $table; break; } } if($profiletable) { if(is_array($_G) && $_G) { space_merge($_G, $profiletable); } else { foreach($tablefields as $k) { $_G = ''; } } return $_G; } return null; } function daddslashes($string, $force = 1) { if(is_array($string)) { $keys = array_keys($string); foreach($keys as $key) { $val = $string; unset($string); $string = daddslashes($val, $force); } } else { $string = addslashes($string); } return $string; } function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) { $ckey_length = 4; $key = md5($key != '' ? $key : getglobal('authkey')); $keya = md5(substr($key, 0, 16)); $keyb = md5(substr($key, 16, 16)); $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : ''; $cryptkey = $keya.md5($keya.$keyc); $key_length = strlen($cryptkey); $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string; $string_length = strlen($string); $result = ''; $box = range(0, 255); $rndkey = array(); for($i = 0; $i <= 255; $i++) { $rndkey = ord($cryptkey); } for($j = $i = 0; $i < 256; $i++) { $j = ($j + $box + $rndkey) % 256; $tmp = $box; $box = $box; $box = $tmp; } for($a = $j = $i = 0; $i < $string_length; $i++) { $a = ($a + 1) % 256; $j = ($j + $box) % 256; $tmp = $box; $box = $box; $box = $tmp; $result .= chr(ord($string) ^ ($box[($box + $box)); } if($operation == 'DECODE') { if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) === substr(md5(substr($result, 26).$keyb), 0, 16)) { return substr($result, 26); } else { return ''; } } else { return $keyc.str_replace('=', '', base64_encode($result)); } } function fsocketopen($hostname, $port = 80, &$errno, &$errstr, $timeout = 15) { $fp = ''; if(function_exists('fsockopen')) { $fp = @fsockopen($hostname, $port, $errno, $errstr, $timeout); } elseif(function_exists('pfsockopen')) { $fp = @pfsockopen($hostname, $port, $errno, $errstr, $timeout); } elseif(function_exists('stream_socket_client')) { $fp = @stream_socket_client($hostname.':'.$port, $errno, $errstr, $timeout); } return $fp; } function dfsockopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE, $position = 0, $files = array()) { require_once libfile('function/filesock'); return _dfsockopen($url, $limit, $post, $cookie, $bysocket, $ip, $timeout, $block, $encodetype, $allowcurl, $position, $files); } function dhtmlspecialchars($string, $flags = null) { if(is_array($string)) { foreach($string as $key => $val) { $string = dhtmlspecialchars($val, $flags); } } else { if($flags === null) { $string = str_replace(array('&', '"', '<', '>'), array('&', '"', '<', '>'), $string); } else { if(PHP_VERSION < '5.4.0') { $string = htmlspecialchars($string, $flags); } else { if(strtolower(CHARSET) == 'utf-8') { $charset = 'UTF-8'; } else { $charset = 'ISO-8859-1'; } $string = htmlspecialchars($string, $flags, $charset); } } } return $string; } function dexit($message = '') { echo $message; output(); exit(); } function dheader($string, $replace = true, $http_response_code = 0) { $islocation = substr(strtolower(trim($string)), 0, 8) == 'location'; if(defined('IN_MOBILE') && strpos($string, 'mobile') === false && $islocation) { if (strpos($string, '?') === false) { $string = $string.'?mobile='.IN_MOBILE; } else { if(strpos($string, '#') === false) { $string = $string.'&mobile='.IN_MOBILE; } else { $str_arr = explode('#', $string); $str_arr = $str_arr.'&mobile='.IN_MOBILE; $string = implode('#', $str_arr); } } } $string = str_replace(array("\r", "\n"), array('', ''), $string); if(empty($http_response_code) || PHP_VERSION < '4.3' ) { @header($string, $replace); } else { @header($string, $replace, $http_response_code); } if($islocation) { exit(); } } function dsetcookie($var, $value = '', $life = 0, $prefix = 1, $httponly = false) { global $_G; $config = $_G; $_G = $value; $var = ($prefix ? $config : '').$var; $_COOKIE = $value; if($value === '' || $life < 0) { $value = ''; $life = -1; } if(defined('IN_MOBILE')) { $httponly = false; } $life = $life > 0 ? getglobal('timestamp') + $life : ($life < 0 ? getglobal('timestamp') - 31536000 : 0); $path = $httponly && PHP_VERSION < '5.2.0' ? $config.'; HttpOnly' : $config; $secure = $_G; if(PHP_VERSION < '5.2.0') { setcookie($var, $value, $life, $path, $config, $secure); } else { setcookie($var, $value, $life, $path, $config, $secure, $httponly); } } function getcookie($key) { global $_G; return isset($_G) ? $_G : ''; } function fileext($filename) { return addslashes(strtolower(substr(strrchr($filename, '.'), 1, 10))); } function formhash($specialadd = '') { global $_G; $hashadd = defined('IN_ADMINCP') ? 'Only For Discuz! Admin Control Panel' : ''; return substr(md5(substr($_G, 0, -7).$_G.$_G.$_G.$hashadd.$specialadd), 8, 8); } function checkrobot($useragent = '') { static $kw_spiders = array('bot', 'crawl', 'spider' ,'slurp', 'sohu-search', 'lycos', 'robozilla'); static $kw_browsers = array('msie', 'netscape', 'opera', 'konqueror', 'mozilla'); $useragent = strtolower(empty($useragent) ? $_SERVER : $useragent); if(dstrpos($useragent, $kw_spiders)) return true; if(strpos($useragent, 'http://') === false && dstrpos($useragent, $kw_browsers)) return false; return false; } function checkmobile() { global $_G; $mobile = array(); static $touchbrowser_list =array('iphone', 'android', 'phone', 'mobile', 'wap', 'netfront', 'java', 'opera mobi', 'opera mini', 'ucweb', 'windows ce', 'symbian', 'series', 'webos', 'sony', 'blackberry', 'dopod', 'nokia', 'samsung', 'palmsource', 'xda', 'pieplus', 'meizu', 'midp', 'cldc', 'motorola', 'foma', 'docomo', 'up.browser', 'up.link', 'blazer', 'helio', 'hosin', 'huawei', 'novarra', 'coolpad', 'webos', 'techfaith', 'palmsource', 'alcatel', 'amoi', 'ktouch', 'nexian', 'ericsson', 'philips', 'sagem', 'wellcom', 'bunjalloo', 'maui', 'smartphone', 'iemobile', 'spice', 'bird', 'zte-', 'longcos', 'pantech', 'gionee', 'portalmmm', 'jig browser', 'hiptop', 'benq', 'haier', '^lct', '320x320', '240x320', '176x220', 'windows phone'); static $wmlbrowser_list = array('cect', 'compal', 'ctl', 'lg', 'nec', 'tcl', 'alcatel', 'ericsson', 'bird', 'daxian', 'dbtel', 'eastcom', 'pantech', 'dopod', 'philips', 'haier', 'konka', 'kejian', 'lenovo', 'benq', 'mot', 'soutec', 'nokia', 'sagem', 'sgh', 'sed', 'capitel', 'panasonic', 'sonyericsson', 'sharp', 'amoi', 'panda', 'zte'); static $pad_list = array('ipad'); $useragent = strtolower($_SERVER); if(dstrpos($useragent, $pad_list)) { return false; } if(($v = dstrpos($useragent, $touchbrowser_list, true))){ $_G = $v; return '2'; } if(($v = dstrpos($useragent, $wmlbrowser_list))) { $_G = $v; return '3'; //wml版 } $brower = array('mozilla', 'chrome', 'safari', 'opera', 'm3gate', 'winwap', 'openwave', 'myop'); if(dstrpos($useragent, $brower)) return false; $_G = 'unknown'; if(isset($_G[$_GET)) { return true; } else { return false; } } function dstrpos($string, $arr, $returnvalue = false) { if(empty($string)) return false; foreach((array)$arr as $v) { if(strpos($string, $v) !== false) { $return = $returnvalue ? $v : true; return $return; } } return false; } function isemail($email) { return strlen($email) > 6 && strlen($email) <= 32 && preg_match("/^(+)@(++)$/", $email); } function quescrypt($questionid, $answer) { return $questionid > 0 && $answer != '' ? substr(md5($answer.md5($questionid)), 16, 8) : ''; } function random($length, $numeric = 0) { $seed = base_convert(md5(microtime().$_SERVER), 16, $numeric ? 10 : 35); $seed = $numeric ? (str_replace('0', '', $seed).'012340567890') : ($seed.'zZ'.strtoupper($seed)); if($numeric) { $hash = ''; } else { $hash = chr(rand(1, 26) + rand(0, 1) * 32 + 64); $length--; } $max = strlen($seed) - 1; for($i = 0; $i < $length; $i++) { $hash .= $seed; } return $hash; } function strexists($string, $find) { return !(strpos($string, $find) === FALSE); } function avatar($uid, $size = 'middle', $returnsrc = FALSE, $real = FALSE, $static = FALSE, $ucenterurl = '') { global $_G; if($_G) { $_G = ''; $param = func_get_args(); hookscript('avatar', 'global', 'funcs', array('param' => $param), 'avatar'); if($_G) { return $_G; } } static $staticavatar; if($staticavatar === null) { $staticavatar = $_G; } $ucenterurl = empty($ucenterurl) ? $_G : $ucenterurl; $size = in_array($size, array('big', 'middle', 'small')) ? $size : 'middle'; $uid = abs(intval($uid)); if(!$staticavatar && !$static) { $timestamp = $uid == $_G ? "&ts=1" : ""; return $returnsrc ? $ucenterurl.'/avatar.php?uid='.$uid.'&size='.$size.($real ? '&type=real' : '').$timestamp : '<img src="'.$ucenterurl.'/avatar.php?uid='.$uid.'&size='.$size.($real ? '&type=real' : '').$timestamp.'" />'; } else { $uid = sprintf("%09d", $uid); $dir1 = substr($uid, 0, 3); $dir2 = substr($uid, 3, 2); $dir3 = substr($uid, 5, 2); $file = $ucenterurl.'/data/avatar/'.$dir1.'/'.$dir2.'/'.$dir3.'/'.substr($uid, -2).($real ? '_real' : '').'_avatar_'.$size.'.jpg'; return $returnsrc ? $file : '<img src="'.$file.'" onerror="this.onerror=null;this.src=\''.$ucenterurl.'/images/noavatar_'.$size.'.gif\'" />'; } } function lang($file, $langvar = null, $vars = array(), $default = null) { global $_G; $fileinput = $file; list($path, $file) = explode('/', $file); if(!$file) { $file = $path; $path = ''; } if(strpos($file, ':') !== false) { $path = 'plugin'; list($file) = explode(':', $file); } if($path != 'plugin') { $key = $path == '' ? $file : $path.'_'.$file; if(!isset($_G)) { include DISCUZ_ROOT.'./source/language/'.($path == '' ? '' : $path.'/').'lang_'.$file.'.php'; $_G = $lang; } if(defined('IN_MOBILE') && !defined('TPL_DEFAULT')) { include DISCUZ_ROOT.'./source/language/mobile/lang_template.php'; $_G = ar
- 最近查阅:
免责声明:
DZ插件网AI平台旨在开源共享精神,请勿发布敏感信息,任何违法信息我们将移交公安机关;
下一篇: 我改怎么禁止用户修改密码和一些设置
