0

让我先说我不知道​​ php。我不是后端程序员,我只做前端。我的未婚夫经营着一个我的世界服务器,我同意建立他的网站让他帮忙。他要求在 php 中添加一些与他的 phpbb 论坛相关的东西。我在研究如何做到这一点时发现并将这些方法嵌入到网站中,然后它就被启动了。但他的网站不断被黑。

我们第一次被黑客入侵时,我们删除了所有的 ftp 帐户,只保留了一个带有一个密码的帐户。我们更改了此帐户的密码 我们删除了所有不是我们创建的文件和文件夹,并用我们的本地文件覆盖了服务器上的文件

今天早上,它第二次被黑了,我们注意到有一个新的 ftp 帐户以及各种文件夹和子文件夹下的数千个文件。我们询问了我们的主机,他们说它必须是 php/script 中的一个漏洞。我不知道如何保护它。我不知道这个漏洞在哪里。我花了一段时间寻找保护它的方法,并且一直在阅读有关 php 过滤器的信息,但我只是不明白如何实现它们?

以下是网站上唯一的 php 代码片段: 这个基本上只是为用户连接到论坛:

    <?php
    define('IN_PHPBB', true);
    $phpbb_root_path = '../forums/';
    $phpEx = substr(strrchr(__FILE__, '.'), 1);
    include($phpbb_root_path . 'common.' . $phpEx);
    // Start session management
    $user->session_begin();
    $auth->acl($user->data);
    $user->setup();
    ?>

    <?php if($user->data['is_registered'])
    {
        //User is already logged in
        echo '<div id="login">Welcome, ' . $user->data['username'] . ' ';
        $l_message_new = ($user->data['user_new_privmsg'] == 1) ? $user->lang['NEW_PM'] : $user->lang['NEW_PMS'];
        $l_privmsgs_text = sprintf($l_message_new, $user->data['user_new_privmsg']);
        echo '<span><a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx",         'i=pm&amp;folder=inbox') . '">' . $l_privmsgs_text . '</a></span></div><div         id="loginlayer"></div>';
        }
    else
    {
            echo ' ';
    }
         //user is not logged in  
    ?>

然后我有一个表格,一旦填写就会在他们的论坛上创建一个线程:

    <?php
    /**
    *
    * @package phpBB3
    * @version $Id: twitpost.php,v1.0.0 2010/05/31 2:43 PM PPCW2 Exp $
    * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    *
    */

    /**
    * @ignore
    */

    define('IN_PHPBB', true);
    $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : '../forums/';
    $phpbb_admin_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : '../forums/';
    $phpEx = substr(strrchr(__FILE__, '.'), 1);
    include($phpbb_root_path . 'common.' . $phpEx);
    include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
    include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
    include($phpbb_root_path . 'includes/message_parser.' . $phpEx);

    // Start session management
    $user->session_begin();
    $auth->acl($user->data);
    $user->setup('common');


    $tmsg = request_var('tmsg', ''); // getting data from the submitted HTML form (name of the feild should be tmsg)
    $tt = request_var('tt', ''); // getting data from the submitted HTML form (name of the feild should be tt)
    $un = request_var('un', ''); // getting data from the submitted HTML form (name of the feild should be un)
    $username = "$un";
    $message = "[b]Username[/b]: " . $username . "\n" . "[b]Details[/b]: " . $tmsg . "\n";
    $forum = 14; //change to your forum id here

    $time = time();
    $rawsubject = "$tt";
    $my_subject   = utf8_normalize_nfc($rawsubject, '', true);
    $my_text   = utf8_normalize_nfc($message, '', true);

    // variables to hold the parameters for submit_post
    $poll = $uid = $bitfield = $options = '';

    generate_text_for_storage($my_subject, $uid, $bitfield, $options, false, false, false);
    generate_text_for_storage($my_text, $uid, $bitfield, $options, true, true, true);

    $data = array(
           'forum_id'      => $forum,
           'icon_id'      => false,

           'enable_bbcode'      => true,
           'enable_smilies'   => true,
           'enable_urls'      => true,
           'enable_sig'      => true,

           'message'      => $my_text,
           'message_md5'   => md5($my_text),

           'bbcode_bitfield'   => $bitfield,
           'bbcode_uid'      => $uid,

           'post_edit_locked'   => 0,
           'topic_title'      => $my_subject,
           'notify_set'      => false,
           'notify'         => false,
           'post_time'       => 0,
           'forum_name'      => '',
           'enable_indexing'   => true,
    );

    submit_post('post', $my_subject, $user->data['username'], POST_NORMAL, $poll, $data);
    $redirect_url = append_sid("{$phpbb_root_path}/viewforum.$phpEx?f=$forum", false, true, $user->session_id);
    meta_refresh(2, $redirect_url); 
    trigger_error('Issue Posted' . '<br /><br />Taking you to the issues forum ' . sprintf('<a href="' . $redirect_url . '">', '</a>'));
    ?>

然后是登录表单:

    <?php if($user->data['is_registered'])
    {
        //User is already logged in
        echo '<div id="loginarea" class="bluebox">
        <h1>Log In</h1>You are already logged in!</div>';
        }
    else
    {
            echo '<div id="loginarea" class="bluebox">
        <h1>Log In</h1><form method="POST" action="/forums/ucp.php?mode=login">
            <p><span>Enter your Username:</span><br>
    <input type="text" name="username"><br>

            <span>Password:</span><br>
    <input type="password" name="password"><br>

    <input type="submit" class="btns donatebtn" value="Submit" name="login">
    <input type="hidden" name="redirect" value="../index.php">
    </form></div>';
    }
         //user is not logged in  
    ?>

就是这样!有什么建议么?太感谢了

4

2 回答 2

1

如果有人正在登录服务器并创建 FTP 帐户,那么您为什么还要查看 PHP。如果他们能够登录服务器,则服务器用户名/密码必须是微不足道的,否则其他地方存在严重的安全错误!

您需要查看某人如何能够登录到服务器。

于 2013-03-09T20:34:23.053 回答
0

我认为这可能在 Serverfault 上问得更好——那里已经有一个关于如何处理受损服务器的出色回复。主要建议之一是重建系统,而不是仅仅尝试简单地删除帐户和更改密码等,因为您不知道它们是如何进入的,并且更改密码不太可能阻止它再次发生,如果它实际利用。非常值得一读:

https://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server/218011#218011

于 2013-03-09T21:24:52.200 回答