Temos pavadinimas: WordPress, Shopify ir PHPFusion programuotojų bendruomenė :: trojanas

Parašė Dandžu· 2008 Lie. 16 10:07:52
#13

Nu susikuri .php failą ir į jį įrašai šitą. Tada suvedi savo duomenis kur reikia ir viskas.
<?php
$email = "tavo@emailas.lt";
$req = $_SERVER['REQUEST_URI'];
$cadena = explode("?", $req);
$mi_url = $cadena[0];
$resto = $cadena[1];

$inyecc='/SERVER|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|INSERT/i';

if (preg_match($inyecc, $resto)) {
   $ip = $HTTP_SERVER_VARS["HTTP_CLIENT_IP"];
   $forwarded = $HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"];
   $remoteaddress = $HTTP_SERVER_VARS["REMOTE_ADDR"];
   // message and kill execution
   ban('bomzas');   
}
function ban($type="bomzas") {
    global $_SERVER,$ip,$forwarded,$remoteaddress, $email;
    $atidaryti = fopen(".htaccess", "a+");
    @fwrite($atidaryti, "\n#".date()." - FROM:".$_SERVER["HTTP_REFERER"]." - REQ:".$_SERVER['REQUEST_METHOD']." - FILE:".basename($_SERVER['SCRIPT_FILENAME'])." - QUERY:".$_SERVER['QUERY_STRING']."\ndeny from ".$_SERVER['REMOTE_ADDR']."\n");
    @fclose($atidaryti);
    @chmod(".htaccess", 0777);
   
    if ($type == "bomzas") {
        $message = "
".date()." - FROM:".$_SERVER["HTTP_REFERER"]."\n -\n REQ:".$_SERVER['REQUEST_METHOD']."\n -\n FILE:".basename($_SERVER['SCRIPT_FILENAME'])."\n -\n QUERY:".$_SERVER['QUERY_STRING']."\n -\n IP:".$_SERVER['REMOTE_ADDR']."\n\n
--------- end --------------------";
    }
    mail($email, $type." - web-trojanas - ".date()."", $message,"From: host@{$_SERVER['SERVER_NAME']}");
    die("<h1>$type</h1>DRAUD?IAMA!<hr/>Susisiekite su administracija: ".$email);
}
?>