360网站卫士php-dos,360doskill.php

$username = "360"; //设置用户名

$password = "360"; //设置密码

ob_start();

set_time_limit(0);

error_reporting(E_ALL & ~E_NOTICE);

$md5 = md5(md5($username).md5($password));

$realpath = realpath('./');

$selfpath = $_SERVER['PHP_SELF'];

$selfpath = substr($selfpath, 0, strrpos($selfpath,'/'));

define('REALPATH', str_replace('//','/',str_replace('\\','/',substr($realpath, 0, strlen($realpath) - strlen($selfpath)))));

define('MYFILE', basename(__FILE__));

define('MYPATH', str_replace('\\', '/', dirname(__FILE__)).'/');

define('MYFULLPATH', str_replace('\\', '/', (__FILE__)));

define('HOST', "http://".$_SERVER['HTTP_HOST']);

?>

360网站卫士-PHP-DOS攻击脚本专杀工具>

body{margin:0px;}

body,td{font: 12px Arial,Tahoma;line-height: 16px;}

a {color: #00f;text-decoration:underline;}

a:hover{color: #f00;text-decoration:none;}

.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;border-right: 1px solid #ddd;}

.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;border-right: 1px solid #ddd;}

.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#d6e9c6;padding:5px 10px 5px 5px;}

.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}

.head td span{font-weight:normal;}

if(!(isset($_COOKIE['360wzb']) && $_COOKIE['360wzb'] == $md5) && !(isset($_POST['username']) && isset($_POST['password']) && (md5(md5($_POST['username']).md5($_POST['password']))==$md5)))

{

echo '

PHP-DOS攻击脚本专杀工具用户名: 密码: ';

}

elseif(isset($_POST['username']) && isset($_POST['password']) && (md5(md5($_POST['username']).md5($_POST['password']))==$md5))

{

setcookie("360wzb", $md5, time()+60*60*24*365,"/");

echo "登陆成功！";

header( 'refresh: 1; url='.MYFILE.'?action=scan' );

exit();

}

else

{

setcookie("360wzb", $md5, time()+60*60*24*365,"/");

$action = isset($_GET['action'])?$_GET['action']:"";

if($action=="logout")

{

setcookie ("360wzb", "", time() - 3600);

Header("Location: ".MYFILE);

exit();

}

?>

$v = file_get_contents('http://data.wangzhan.360.cn/version.php');//检查版本更新

$v = explode('|',$v);

?>

PHP-DOS攻击脚本专杀工具 您的IP:<?php if($_SERVER['SERVER_ADDR']){echo $_SERVER['SERVER_ADDR'];}else{ echo $_SERVER['LOCAL_ADDR'];}?> | 系统时间:<?php echo date("Y-m-d H:i:s");?><?php if($v[2]){ echo "发现新版本，请立即更新到 V2.0 点击下载";} else {echo "当前已是最新版本";}?>

$dir = isset($_POST['path'])?$_POST['path']:MYPATH;

$dir = substr($dir,-1)!="/"?$dir."/":$dir;

?>

扫描路径:

if(isset($_POST['btnScan']))

{

$start=time();

$list = "";

if(!is_readable($dir))

$dir = MYPATH;

$count=$scanned=0;

find($dir);

$end=time();

$spent = ($end - $start);

?>

扫描: <?php echo $scanned?> 文件 | 发现: <?php echo $count?> 行恶意代码 | 耗时: <?php echo $spent?> 秒 | 请站长手动删除以下恶意文件

No.

恶意文件

所在行号

详细内容

echo $list;

?>

此页面是由 360网站卫士提供的PHP-DOS攻击脚本专杀工具页面，使用反馈请联系: dongfang-s@360.cn.

Copyright©2011-2013 360网站卫士

}

}

ob_flush();

?>

$self = basename($_SERVER['PHP_SELF']);

function cut_str($string, $sublen, $start = 0, $code = 'UTF-8') {

if ($code == 'UTF-8') {

$pa = "/[\x01-\x7f]|[\xc2-\xdf][\x80-\xbf]|\xe0[\xa0-\xbf][\x80-\xbf]|[\xe1-\xef][\x80-\xbf][\x80-\xbf]|\xf0[\x90-\xbf][\x80-\xbf][\x80-\xbf]|[\xf1-\xf7][\x80-\xbf][\x80-\xbf][\x80-\xbf]/";

preg_match_all($pa, $string, $t_string);

if (count($t_string[0]) - $start > $sublen) return join('', array_slice($t_string[0], $start, $sublen)) . "...";

return join('', array_slice($t_string[0], $start, $sublen));

} else {

$start = $start * 2;

$sublen = $sublen * 2;

$strlen = strlen($string);

$tmpstr = '';

for($i = 0; $i < $strlen; $i++) {

if ($i >= $start && $i < ($start + $sublen)) {

if (ord(substr($string, $i, 1)) > 129) {

$tmpstr .= substr($string, $i, 2);

} else {

$tmpstr .= substr($string, $i, 1);

}

}

if (ord(substr($string, $i, 1)) > 129) $i++;

}

if (strlen($tmpstr) < $strlen) $tmpstr .= "...";

return $tmpstr;

}

}

function find($directory) {

$self = basename($_SERVER['PHP_SELF']);

global $list,$count,$scanned;

$mydir = dir($directory);

while ($file = $mydir -> read()) {

if ((is_dir("$directory/$file")) && ($file != ".") && ($file != "..")) {

find("$directory/$file");

} else {

if($file != $self){

if ($file != "." && $file != ".." && preg_match("/.php/i", $file)) {

$fd = realpath($directory . "/" . $file);

$fp = fopen($fd, "r");

$scanned +=1;

$i = 0;

while ($buffer = fgets($fp, 4096)) {

$i++;

if ((preg_match('/(pfsockopen|fsockopen)\("(udp|tcp)/i', $buffer)) || (preg_match('/Php 2012 Terminator/i', $buffer)) || (preg_match('/[\$_GET|\$_REQUEST]\[\'rat\']/i', $buffer)) || (preg_match('/Tcp3 CC.center/i', $buffer)) || (preg_match('/xdos.s/i', $buffer)) || (preg_match('/儏摓煁晜泟/i', $buffer))) {

$count += 1;

$j = $count % 2 + 1;

$buffer = htmlspecialchars(cut_str($buffer,80,0));

$list.= "

$count$fd第 $i 行$buffer";

}

}

fclose($fp);

}

}

}

}

$mydir -> close();

}

?>

一键复制

编辑

Web IDE

原始数据

按行查看

历史