1

我的网站被黑了,我可以在我的 joomla 管理员登录页面上看到登录页面

这是登录页面的网址:

http://societ.us/administrator/index.php

黑客添加了代码(在第 13-15 行):

  <style type="text/css">
html { display:none }
  </style>

您知道如何删除该代码吗?

我检查了下面的几个文件(还有更多),但我还没有找到

在 /home/societ/societ.us/administrator/templates/isis/login.php

<?php
/**
 * @package     Joomla.Administrator
 * @subpackage  Templates.isis
 *
 * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

defined('_JEXEC') or die;

$app = JFactory::getApplication();
$doc = JFactory::getDocument();
$lang = JFactory::getLanguage();

// Add JavaScript Frameworks
JHtml::_('bootstrap.framework');
JHtml::_('bootstrap.tooltip');

// Add Stylesheets
$doc->addStyleSheet('templates/' .$this->template. '/css/template.css');

// Load optional RTL Bootstrap CSS
JHtml::_('bootstrap.loadCss', false, $this->direction);

// Load specific language related CSS
$file = 'language/' . $lang->getTag() . '/' . $lang->getTag() . '.css';
if (is_file($file))
{
    $doc->addStyleSheet($file);
}

// Detecting Active Variables
$option   = $app->input->getCmd('option', '');
$view     = $app->input->getCmd('view', '');
$layout   = $app->input->getCmd('layout', '');
$task     = $app->input->getCmd('task', '');
$itemid   = $app->input->getCmd('Itemid', '');
$sitename = $app->getCfg('sitename');

// Check if debug is on
$config = JFactory::getConfig();
$debug  = (boolean) $config->get('debug');
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $this->language; ?>" lang="<?php echo $this->language; ?>" dir="<?php echo $this->direction; ?>" >
<head>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
    <jdoc:include type="head" />
    <script type="text/javascript">
        window.addEvent('domready', function ()
        {
            document.getElementById('form-login').username.select();
            document.getElementById('form-login').username.focus();
        });
    </script>
    <style type="text/css">
        /* Responsive Styles */
        @media (max-width: 480px) {
            .view-login .container {
                margin-top: -170px;
            }
            .btn {
                font-size: 13px;
                padding: 4px 10px 4px;
            }
        }
        <?php if ($debug) : ?>
            .view-login .container {
                position: static;
                margin-top: 20px;
                margin-left: auto;
                margin-right: auto;
            }
            .view-login .navbar-fixed-bottom {
                display: none;
            }
        <?php endif; ?>
    </style>
    <!--[if lt IE 9]>
        <script src="../media/jui/js/html5.js"></script>
    <![endif]-->
</head>

<body class="site <?php echo $option . " view-" . $view . " layout-" . $layout . " task-" . $task . " itemid-" . $itemid . " ";?>">
    <!-- Container -->
    <div class="container">
        <div id="content">
            <!-- Begin Content -->
            <div id="element-box" class="login well">
                <img src="<?php echo $this->baseurl; ?>/templates/<?php echo $this->template ?>/images/joomla.png" alt="Joomla!" />
                <hr />
                <jdoc:include type="message" />
                <jdoc:include type="component" />
            </div>
            <noscript>
                <?php echo JText::_('JGLOBAL_WARNJAVASCRIPT') ?>
            </noscript>
            <!-- End Content -->
        </div>
    </div>
    <div class="navbar navbar-fixed-bottom hidden-phone">
        <p class="pull-right">&copy; <?php echo $sitename; ?> <?php echo date('Y');?></p>
        <a class="login-joomla" href="http://www.joomla.org" class="hasTooltip" title="<?php echo JHtml::tooltipText('TPL_ISIS_ISFREESOFTWARE');?>">Joomla!&#174;</a>
        <a href="<?php echo JUri::root(); ?>" class="pull-left"><i class="icon-share icon-white"></i> <?php echo JText::_('COM_LOGIN_RETURN_TO_SITE_HOME_PAGE') ?></a>
    </div>
    <jdoc:include type="modules" name="debug" style="none" />
</body>
</html>

在 /home/societ/societ.us/administrator/templates/isis/index.php

<?php
/**
 * @package     Joomla.Administrator
 * @subpackage  Templates.isis
 * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 * @since       3.0
 */

defined('_JEXEC') or die;

$app   = JFactory::getApplication();
$doc   = JFactory::getDocument();
$lang  = JFactory::getLanguage();
$this->language = $doc->language;
$this->direction = $doc->direction;
$input = $app->input;
$user  = JFactory::getUser();

// Add JavaScript Frameworks
JHtml::_('bootstrap.framework');
$doc->addScript('templates/' .$this->template. '/js/template.js');

// Add Stylesheets
$doc->addStyleSheet('templates/' . $this->template . '/css/template.css');

// Load optional RTL Bootstrap CSS
JHtml::_('bootstrap.loadCss', false, $this->direction);

// Load specific language related CSS
$file = 'language/' . $lang->getTag() . '/' . $lang->getTag() . '.css';
if (is_file($file))
{
    $doc->addStyleSheet($file);
}

// Detecting Active Variables
$option   = $input->get('option', '');
$view     = $input->get('view', '');
$layout   = $input->get('layout', '');
$task     = $input->get('task', '');
$itemid   = $input->get('Itemid', '');
$sitename = $app->getCfg('sitename');

$cpanel = ($option === 'com_cpanel');

$showSubmenu = false;
$this->submenumodules = JModuleHelper::getModules('submenu');
foreach ($this->submenumodules as $submenumodule)
{
    $output = JModuleHelper::renderModule($submenumodule);
    if (strlen($output))
    {
        $showSubmenu = true;
        break;
    }
}

// Logo file
if ($this->params->get('logoFile'))
{
    $logo = JUri::root() . $this->params->get('logoFile');
}
else
{
    $logo = $this->baseurl . "/templates/" . $this->template . "/images/logo.png";
}

// Template Parameters
$displayHeader = $this->params->get('displayHeader', '1');
$statusFixed = $this->params->get('statusFixed', '1');
$stickyToolbar = $this->params->get('stickyToolbar', '1');
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $this->language; ?>" lang="<?php echo $this->language; ?>" dir="<?php echo $this->direction; ?>">
<head>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <jdoc:include type="head" />
    <?php
    // Template color
    if ($this->params->get('templateColor'))
    {
    ?>
    <style type="text/css">
        .navbar-inner, .navbar-inverse .navbar-inner, .dropdown-menu li > a:hover, .dropdown-menu .active > a, .dropdown-menu .active > a:hover, .navbar-inverse .nav li.dropdown.open > .dropdown-toggle, .navbar-inverse .nav li.dropdown.active > .dropdown-toggle, .navbar-inverse .nav li.dropdown.open.active > .dropdown-toggle, #status.status-top
        {
            background: <?php echo $this->params->get('templateColor');?>;
        }
        .navbar-inner, .navbar-inverse .nav li.dropdown.open > .dropdown-toggle, .navbar-inverse .nav li.dropdown.active > .dropdown-toggle, .navbar-inverse .nav li.dropdown.open.active > .dropdown-toggle{
            -moz-box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2);
            -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2);
            box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2);
        }
    </style>
    <?php
    }
    ?>
    <?php
    // Template header color
    if ($this->params->get('headerColor'))
    {
    ?>
    <style type="text/css">
        .header
        {
            background: <?php echo $this->params->get('headerColor');?>;
        }
    </style>
    <?php
    }
    ?>

    <!-- Sidebar background color -->
    <?php if ($this->params->get('sidebarColor')) : ?>
    <style type="text/css">
        .nav-list > .active > a, .nav-list > .active > a:hover
        {
            background: <?php echo $this->params->get('sidebarColor'); ?>;
        }
    </style>
    <?php endif; ?>

    <!--[if lt IE 9]>
        <script src="../media/jui/js/html5.js"></script>
    <![endif]-->
</head>

<body class="admin <?php echo $option . " view-" . $view . " layout-" . $layout . " task-" . $task . " itemid-" . $itemid . " ";?>" <?php if ($stickyToolbar) : ?>data-spy="scroll" data-target=".subhead" data-offset="87"<?php endif;?>>
    <!-- Top Navigation -->
    <nav class="navbar navbar-inverse navbar-fixed-top">
        <div class="navbar-inner">
            <div class="container-fluid">
                <?php if ($this->params->get('admin_menus') != '0') : ?>
                    <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                    </a>
                <?php endif; ?>
                <a class="brand" href="<?php echo JUri::root(); ?>" title="<?php echo JText::sprintf('TPL_ISIS_PREVIEW', $sitename);?>" target="_blank"><?php echo JHtml::_('string.truncate', $sitename, 14, false, false);?> <i class="icon-out-2 small"></i></a>
                <?php if ($this->params->get('admin_menus') != '0') : ?>
                <div class="nav-collapse">
                <?php else : ?>
                <div>
                <?php endif; ?>
                    <jdoc:include type="modules" name="menu" style="none" />
                    <ul class="<?php if ($this->direction == 'rtl') : ?>nav<?php else : ?>nav pull-right<?php endif; ?>">
                        <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown" href="#"><?php echo $user->name; ?> <b class="caret"></b></a>
                            <ul class="dropdown-menu">
                                <li class=""><a href="index.php?option=com_admin&task=profile.edit&id=<?php echo $user->id;?>"><?php echo JText::_('TPL_ISIS_EDIT_ACCOUNT');?></a></li>
                                <li class="divider"></li>
                                <li class=""><a href="<?php echo JRoute::_('index.php?option=com_login&task=logout&'. JSession::getFormToken() .'=1');?>"><?php echo JText::_('TPL_ISIS_LOGOUT');?></a></li>
                            </ul>
                        </li>
                    </ul>
                </div>
                <!--/.nav-collapse -->
            </div>
        </div>
    </nav>
    <!-- Header -->
    <?php
    if ($displayHeader):
    ?>
    <header class="header">
        <div class="container-fluid">
            <div class="row-fluid">
                <div class="span2 container-logo">
                    <a class="logo" href="<?php echo $this->baseurl; ?>"><img src="<?php echo $logo;?>" alt="<?php echo $sitename; ?>" /></a>
                </div>
                <div class="span10">
                    <?php if (isset($app->JComponentTitle)) : ?>
                        <h1 class="page-title"><?php echo JHtml::_('string.truncate', $app->JComponentTitle, 0, false, false);?></h1>
                    <?php else : ?>
                        <h1 class="page-title"><?php echo JHtml::_('string.truncate', '', 0, false, false);?></h1>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </header>
    <?php
    endif;
    ?>
    <?php
    if ((!$statusFixed) && ($this->countModules('status'))):
    ?>
    <!-- Begin Status Module -->
    <div id="status" class="navbar status-top hidden-phone">
        <div class="btn-toolbar">
            <jdoc:include type="modules" name="status" style="no" />
        </div>
        <div class="clearfix"></div>
    </div>
    <!-- End Status Module -->
    <?php
    endif;
    ?>
    <?php
    if (!$cpanel):
    ?>
    <!-- Subheader -->
    <a class="btn btn-subhead" data-toggle="collapse" data-target=".subhead-collapse"><?php echo JText::_('TPL_ISIS_TOOLBAR');?> <i class="icon-wrench"></i></a>
    <div class="subhead-collapse collapse">
        <div class="subhead">
            <div class="container-fluid">
                <div id="container-collapse" class="container-collapse"></div>
                <div class="row-fluid">
                    <div class="span12">
                        <jdoc:include type="modules" name="toolbar" style="no" />
                    </div>
                </div>
            </div>
        </div>
    </div>
    <?php
    else:
    ?>
    <div style="margin-bottom: 20px"></div>
    <?php
    endif;
    ?>
    <!-- container-fluid -->
    <div class="container-fluid container-main">
        <section id="content">
            <!-- Begin Content -->
            <jdoc:include type="modules" name="top" style="xhtml" />
            <div class="row-fluid">
                <?php if ($showSubmenu) : ?>
                    <div class="span2">
                        <jdoc:include type="modules" name="submenu" style="none" />
                    </div>
                    <div class="span10">
                <?php else : ?>
                    <div class="span12">
                <?php endif; ?>
                        <jdoc:include type="message" />
                        <?php
                        // Show the page title here if the header is hidden
                        if (!$displayHeader):
                        ?>
                        <h1 class="content-title"><?php echo JHtml::_('string.truncate', $app->JComponentTitle, 0, false, false);?></h1>
                        <?php
                        endif;
                        ?>
                        <jdoc:include type="component" />
                    </div>
            </div>
            <?php if ($this->countModules('bottom')) : ?>
                <jdoc:include type="modules" name="bottom" style="xhtml" />
            <?php endif; ?>
            <!-- End Content -->
        </section>

        <?php if (!$this->countModules('status') || (!$statusFixed && $this->countModules('status'))) : ?>
            <footer class="footer">
                <p align="center">
                <jdoc:include type="modules" name="footer" style="no" />
                &copy; <?php echo $sitename; ?> <?php echo date('Y');?></p>
            </footer>
        <?php endif; ?>
    </div>
    <?php if (($statusFixed) && ($this->countModules('status'))) : ?>
    <!-- Begin Status Module -->
    <div id="status" class="navbar navbar-fixed-bottom hidden-phone">
        <div class="btn-toolbar">
            <div class="btn-group pull-right">
                <p><jdoc:include type="modules" name="footer" style="no" />
                &copy; <?php echo $sitename; ?> <?php echo date('Y');?></p>

            </div>
            <jdoc:include type="modules" name="status" style="no" />
        </div>
    </div>
    <!-- End Status Module -->
    <?php endif; ?>
    <jdoc:include type="modules" name="debug" style="none" />
    <?php if ($stickyToolbar) : ?>
    <script>
        (function($){
            // fix sub nav on scroll
            var $win = $(window)
              , $nav = $('.subhead')
              , navTop = $('.subhead').length && $('.subhead').offset().top - <?php if ($displayHeader || !$statusFixed) : ?>40<?php else:?>20<?php endif;?>
              , isFixed = 0

            processScroll()

            // hack sad times - holdover until rewrite for 2.1
            $nav.on('click', function ()
            {
                if (!isFixed) setTimeout(function () {  $win.scrollTop($win.scrollTop() - 47) }, 10)
            })

            $win.on('scroll', processScroll)

            function processScroll()
            {
                var i, scrollTop = $win.scrollTop()
                if (scrollTop >= navTop && !isFixed)
                {
                    isFixed = 1
                    $nav.addClass('subhead-fixed')
                } else if (scrollTop <= navTop && isFixed)
                {
                    isFixed = 0
                    $nav.removeClass('subhead-fixed')
                }
            }
        })(jQuery);
    </script>
    <?php endif; ?>
</body>
</html>

先感谢您

4

2 回答 2

0

如果您在文件中看不到它,我们也看不到......
黑客可能已经更改了数百个文件。

看起来好像它是模板中的东西,但它可以像管理员的插件一样简单。

在 Firefox 或 Chrome 中使用Inspect Element,并删除 HTML 样式。登录到您的管理员,并继续手动删除 HTML 样式,直到您发现黑客做了什么。

于 2013-09-25T09:01:28.017 回答
0

它可能被注入<jdoc:include type="head" />.

出于调试目的,尝试删除此行并查看“恶意”CSS 是否仍然存在。

如果不是,那么代码实际上被注入到这个 Joomla 包含中。要编辑 Joomla 调用的文件,请转到:

/libraries/joomla/document/html/renderer/head.php

并尝试寻找任何不寻常的东西。

如果您出于某种原因不想手动解决此问题,请尝试将 Joomla重新安装到已经存在的网站上(注意不要覆盖您当前的配置、数据库和模板),我相信这会解决此问题.

于 2013-09-26T08:46:50.617 回答