设为首页收藏本站
切换到宽版

Discuz!官方免费开源建站系统

 找回密码
 立即注册
搜索
Discuz!官方免费开源建站系统»论坛 增值产品交流与讨论 UCenter Home 专区 UCenter Home-BUG 反馈 聚宝“小子傻傻的”
返回列表 发新帖

[不是BUG] 聚宝“小子傻傻的”

[复制链接]
HuaiBoY 发表于 2009-6-3 19:06:04 | 显示全部楼层 |阅读模式
本帖最后由 茄子 于 2009-6-5 10:47 编辑

举报恶意插件
https://discuz.dismall.com/thread-1316222-1-1.html


妈的我装了后整站的空间链接全部跳转到http://www.jjcute.com/
回复

使用道具 举报

 楼主| HuaiBoY 发表于 2009-6-3 19:07:03 | 显示全部楼层
急,求解决方法,现在在全部覆盖官方原文件!

我的站:www.ihongren.com
请官方来人看下!!!
回复

使用道具 举报

 楼主| HuaiBoY 发表于 2009-6-3 19:11:54 | 显示全部楼层
解决了,用官方的UCH source文件夹里的文件全部覆盖下!
请官方及时清理该恶意插件,以免有更多的无辜受害者。

举报恶意插件
https://discuz.dismall.com/thread-1316222-1-1.html
回复

使用道具 举报

 楼主| HuaiBoY 发表于 2009-6-3 19:14:34 | 显示全部楼层
恶意代码安装文件中的内容【请官方工作人员帮忙看下,都有哪些破坏,和窃取了我的资料,我感觉数据库的信息被窃取了】

【下面是该恶意插件,执行文件的全部代码】

  2. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  3. <html xmlns="http://www.w3.org/1999/xhtml">
  4. <head>
  5. <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
  6. <title>安装/升级文件</title>
  7. </head>
  8. <body>
  9. <?php
  10. /*
  11. [UCenter Home] (C) 2007-2008 Comsenz Inc.
  12. $Id: index_install.php 10953 2009-01-12 02:55:37Z liguode $
  13. */
  14. include_once('./common.php');

  16. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox')."` (`songid` mediumint(8) unsigned NOT NULL auto_increment,`albumid` mediumint(8) unsigned NOT NULL default '0',`userid` mediumint(8) unsigned NOT NULL,`usersay` text character set utf8,`songname` varchar(255) character set utf8 NOT NULL,`label` varchar(255) character set utf8 default NULL,`singer` varchar(255) character set utf8 default NULL,`Categories` varchar(255) character set utf8 default NULL,`lang` int(4) unsigned NOT NULL,`songurl` varchar(255) character set utf8 NOT NULL,`lyric` text character set utf8,`commenduser` varchar(255) character set utf8 default NULL,`collectionuser` varchar(255) character set utf8 default NULL,`commendtotal` int(8) unsigned NOT NULL default '0',`playtotal` int(8) unsigned NOT NULL default '0',`upload` int(4) unsigned NOT NULL default '1',`down` int(4) unsigned default '0',`comment` varchar(255) character set utf8 default NULL,`dataline` int(10) unsigned NOT NULL,PRIMARY KEY  (`songid`))")){
  17.   echo "数据表<span style='color:#FF0000'>".tname('musicbox')."</span>安装成功!<br /><br />";
  18. }
  19. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox_album')."` (`albumid` mediumint(8) unsigned NOT NULL auto_increment,`userid` mediumint(8) unsigned NOT NULL,`albumname` varchar(255) character set utf8 NOT NULL,`albumfengmian` varchar(255) character set utf8 NOT NULL,`dataline` int(10) unsigned NOT NULL,PRIMARY KEY  (`albumid`))")){
  20.   echo "数据表<span style='color:#FF0000'>".tname('musicbox_album')."</span>安装成功!<br /><br />";
  21. }
  22. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox_mybox')."` (`id` mediumint(8) unsigned NOT NULL auto_increment,`boxuserid` mediumint(8) unsigned NOT NULL,`boxsongid` mediumint(8) unsigned NOT NULL,`boxorder` int(4) unsigned NOT NULL default '0',`page` int(4) unsigned NOT NULL default '0',PRIMARY KEY  (`id`))")){
  23.   echo "数据表<span style='color:#FF0000'>".tname('musicbox_mybox')."</span>安装成功!<br /><br />";
  24. }
  25. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox_pingfen')."` (`id` mediumint(8) unsigned NOT NULL auto_increment,`songid` mediumint(8) unsigned NOT NULL,`puserid` mediumint(8) unsigned NOT NULL,`mark` int(4) unsigned NOT NULL,`dateline` int(10) unsigned NOT NULL,PRIMARY KEY  (`id`))")){
  26.   echo "数据表<span style='color:#FF0000'>".tname('musicbox_pingfen')."</span>安装成功!<br /><br />";
  27. }
  28. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox_pinglun')."` (`id` mediumint(8) unsigned NOT NULL auto_increment,`songid` mediumint(8) unsigned NOT NULL,`puserid` mediumint(8) unsigned NOT NULL,`pltext` text character set utf8,`dateline` int(10) unsigned NOT NULL,PRIMARY KEY  (`id`))")){
  29.   echo "数据表<span style='color:#FF0000'>".tname('musicbox_pinglun')."</span>安装成功!<br /><br />";
  30. }
  31. if($_SGLOBAL['db']->query("CREATE TABLE IF NOT EXISTS `".tname('musicbox_disk')."` (`diskid` mediumint(8) unsigned NOT NULL auto_increment,`userid` mediumint(8) unsigned NOT NULL,`fileurl` varchar(255) character set utf8 NOT NULL,`filename` varchar(255) character set utf8 NOT NULL,`filedescription` varchar(255) character set utf8 default NULL,`dateline` int(10) unsigned NOT NULL,PRIMARY KEY  (`diskid`))")){
  32.   echo "数据表<span style='color:#FF0000'>".tname('musicbox_disk')."</span>安装成功!<br /><br />";
  33. }

  35. $configfile = S_ROOT.'./space.php';
  36. $configcontent = sreadfile($configfile);
  37. if(!strpos($configcontent,"'musicbox',")){
  38.   $configcontent = str_replace("'pm',","'musicbox','pm',",$configcontent);
  39.   $fp111 = fopen($configfile, 'w');
  40.   fwrite($fp111, trim($configcontent));
  41.   fclose($fp111);
  42.   
  43. }
  44. fclose($fp111);
  45. echo "文件<span style='color:#FF0000'>space.php</span>已修改成功<br />";

  47. $configfile = S_ROOT.'./do.php';
  48. $configcontent = sreadfile($configfile);
  49. if(!strpos($configcontent,"'ajaxm',")){
  50.   $configcontent = str_replace("'ajax',","'ajaxm','ajax',",$configcontent);
  51.   $fp111 = fopen($configfile, 'w');
  52.   fwrite($fp111, trim($configcontent));
  53.   fclose($fp111);
  54. }
  55. fclose($fp111);
  56. echo "文件<span style='color:#FF0000'>do.php</span>已修改成功<br />";

  58. $configfile = S_ROOT.'./template/default/header.htm';
  59. $configcontent = sreadfile($configfile);
  60. if(!strpos($configcontent,'<script type="text/javascript" src="js/SuggestFramework.js"></script>')){
  61.   $configcontent = str_replace('<script language="javascript" type="text/javascript" src="source/script_manage.js"></script>','<script language="javascript" type="text/javascript" src="source/script_manage.js"></script>'.chr(10).'<script type="text/javascript" src="js/SuggestFramework.js"></script>'.chr(10).'<script type="text/javascript">window.onload = initializeSuggestFramework;</script>',$configcontent);
  62.   $fp111 = fopen($configfile, 'w');
  63.   fwrite($fp111, trim($configcontent));
  64.   fclose($fp111);
  65. }
  66. fclose($fp111);
  67. echo "文件<span style='color:#FF0000'>header.htm</span>已修改成功<br />";


  70. $configfile = S_ROOT.'./template/default/space_index.htm';
  71. $configcontent = sreadfile($configfile);
  72. if(!strpos($configcontent,"cmp.swf?src=$spacemusicbg[songurl]")){
  73.   $configcontent = str_replace('<img src="<!--{avatar($space[uid],big)}-->" alt="{$_SN[$space[uid]]}" />','<img src="<!--{avatar($space[uid],big)}-->" alt="{$_SN[$space[uid]]}" />'.chr(10).'<!--{if !empty($spacemusicbg) && $_SGLOBAL[supe_uid]}-->'.chr(10).'<div>'.chr(10).'<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,124,0" width="100%" height="24" id="cmp">'.chr(10).'<param name="movie" value="cmp.swf?src=$spacemusicbg[songurl]&skin_src=mini/mini02.zip&auto_play=1&play_mode=1&context_menu=0&show_tip=0&plugins_disabled=1&c.swf" />'.chr(10).'<param name="quality" value="high" />'.chr(10).'<param name="allowFullScreen" value="true" />'.chr(10).'<param name="allowScriptAccess" value="always" />'.chr(10).'<param name="wmode" value="Transparent"/>'.chr(10).'<embed pluginspage="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="100%" height="24" name="cmp" src="cmp.swf?src=$spacemusicbg[songurl]&skin_src=mini/mini02.zip&auto_play=1&play_mode=1&context_menu=0&show_tip=0&plugins_disabled=1&c.swf" quality="high"  allowfullscreen="true" allowscriptaccess="always" wmode="Transparent" ></embed>'.chr(10).'</object>'.chr(10).'</div>'.chr(10).'<<!--{if !empty($spacemusicbg[albumfengmian])}--><a href="space.php?uid=$spacemusicbg[userid]&do=musicbox&mview=malbum&albumid=$spacemusicbg[albumid]&userspace=$spacemusicbg[userid]" target="_blank">$spacemusicbg[albumname]</a><!--{else}--><a href="space.php?uid=$spacemusicbg[userid]&do=musicbox&mview=malbum&albumid=true&userspace=$spacemusicbg[userid]" target="_blank">默认专辑</a><!--{/if}-->>专辑<br /><!--{if !empty($spacemusicbg[albumfengmian])}--><a href="space.php?uid=$spacemusicbg[userid]&do=musicbox&mview=malbum&albumid=$spacemusicbg[albumid]&userspace=$spacemusicbg[userid]" target="_blank"><img src="$spacemusicbg[albumfengmian]" style="border:solid 1px #A19D9A;" /></a><!--{/if}-->'.chr(10).'<!--{/if}-->',$configcontent);
  74.   $fp111 = fopen($configfile, 'w');
  75.   fwrite($fp111, trim($configcontent));
  76.   fclose($fp111);
  77. }
  78. fclose($fp111);
  79. echo "文件<span style='color:#FF0000'>space_index.htm</span>已修改成功<br />";


  82. $configfile = S_ROOT.'./source/space_index.php';
  83. $configcontent = sreadfile($configfile);
  84. if(!strpos($configcontent,"source/function_music.php")){
  85.   $configcontent = str_replace("\$_SGLOBAL['space_theme'] = \$space['theme'];","include_once(S_ROOT.'./source/function_music.php');".chr(10)."\$spacemusicbg = array();".chr(10)."\$spacemusicbg = getmusicbg(\$space['uid']);".chr(10)."\$_SGLOBAL['space_theme'] = \$space['theme'];",$configcontent);
  86.   $fp111 = fopen($configfile, 'w');
  87.   fwrite($fp111, trim($configcontent));
  88.   fclose($fp111);
  89. }
  90. fclose($fp111);
  91. echo "文件<span style='color:#FF0000'>space_index.php</span>已修改成功<br />";


  94. $configfile = S_ROOT.'./config.php';
  95. $configcontent = sreadfile($configfile);
  96. //if(!strpos($configcontent,"music_upload")){
  97.   $configcontent = preg_replace("/(?:tplrefresh)([\w\W]*?)mysql/is","tplrefresh']  = 0;".chr(10).chr(10).chr(10)."\$_SC['music_upload'] = '1';".chr(10)."\$_SC['music_link'] = '1';".chr(10)."\$_SC['music_integralset'] = '1';".chr(10)."\$_SC['music_i_upload'] = '5';".chr(10)."\$_SC['music_i_upload_del'] = '-5';".chr(10)."\$_SC['music_i_addlink'] = '3';".chr(10)."\$_SC['music_i_addlink_del'] = '-3';".chr(10)."\$_SC['music_i_addzj'] = '2';".chr(10)."\$_SC['music_i_addzj_del'] = '-1';".chr(10)."\$_SC['music_i_pingfen'] = '1';".chr(10)."\$_SC['music_i_pinglun'] = '1';".chr(10)."\$_SC['music_i_pinglun_del'] = '-3';".chr(10)."\$_SC['music_i_share'] = '4';".chr(10)."\$_SC['music_play_auto'] = '0';".chr(10)."\$_SC['music_down_auto'] = '0';".chr(10)."\$_SC['music_palyer_style'] = '0';".chr(10)."\$_SC['music_i_disk'] = '1';".chr(10).chr(10).chr(10)."define('UC_CONNECT', 'mysql",$configcontent);
  98.   //$configcontent = str_replace("\$_SC['tplrefresh']  = 0;","\$_SC['tplrefresh']  = 0;".chr(10).chr(10)."\$_SC['music_upload'] = '1';".chr(10)."\$_SC['music_link'] = '1';".chr(10)."\$_SC['music_integralset'] = '1';".chr(10)."\$_SC['music_i_upload'] = '5';".chr(10)."\$_SC['music_i_upload_del'] = '-5';".chr(10)."\$_SC['music_i_addlink'] = '3';".chr(10)."\$_SC['music_i_addlink_del'] = '-3';".chr(10)."\$_SC['music_i_addzj'] = '2';".chr(10)."\$_SC['music_i_addzj_del'] = '-1';".chr(10)."\$_SC['music_i_pingfen'] = '1';".chr(10)."\$_SC['music_i_pinglun'] = '1';".chr(10)."\$_SC['music_i_pinglun_del'] = '-3';".chr(10)."\$_SC['music_i_share'] = '4';".chr(10)."\$_SC['music_play_auto'] = '0';".chr(10)."\$_SC['music_down_auto'] = '0';".chr(10)."\$_SC['music_palyer_style'] = '0';".chr(10)."\$_SC['music_i_disk'] = '1';",$configcontent);
  99.   $fp111 = fopen($configfile, 'w');
  100.   fwrite($fp111, trim($configcontent));
  101.   fclose($fp111);
  102. //}
  103. fclose($fp111);
  104. echo "文件<span style='color:#FF0000'>config.php</span>已配置成功<br />";


  107. function change_match_string($str){
  108.   $old=array("/","$");
  109.   $new=array("\/","\$");
  110.   $str=str_replace($old,$new,$str);
  111.   return $str;
  112. }
  113.          
  114. ?>
  115. </body>
  116. </html>
复制代码
回复

使用道具 举报

pc77maikongjian 发表于 2009-6-4 09:53:55 | 显示全部楼层
看看先,感谢楼主的反馈哦
回复

使用道具 举报

幸福摩天轮 发表于 2009-6-4 16:25:28 | 显示全部楼层
正在处理。谢谢lz反馈
回复

使用道具 举报

幸福摩天轮 发表于 2009-6-4 16:34:12 | 显示全部楼层
UCHOME 中刚开发一款音乐应用:
http://uchome.developer.manyou.c ... ;my_suffix=Lw%3D%3D
回复

使用道具 举报

幸福摩天轮 发表于 2009-6-4 16:35:24 | 显示全部楼层
UCHOME 中刚开发一款音乐应用:
http://uchome.developer.manyou.c ... ;my_suffix=Lw%3D%3D
回复

使用道具 举报

bysheng 发表于 2009-8-31 21:05:55 | 显示全部楼层
恩  支持 啊
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

手机版|小黑屋|Discuz! 官方站 ( 皖ICP备16010102号 )star

GMT+8, 2025-11-4 22:30 , Processed in 0.132733 second(s), 14 queries , Gzip On.

Powered by Discuz! X3.4

Copyright © 2001-2023, Tencent Cloud.

快速回复 返回顶部 返回列表