源码论坛公告:有很多假冒锦尚中国网址和名称的网站出现,还有声称是跟我们合作网站,请擦亮眼睛避免被骗,本站唯一域名为52jscn.com 【点击此处将锦尚放在桌面

源码论坛,商业源码下载,尽在锦尚中国商业源码论坛

 找回密码
 会员注册

QQ登录

只需一步,快速开始

源码论坛,商业源码,源码下载
知名广告联盟 精准不扣量站长任务网 交易安全可靠
企业免备案主机仅需80元
搜狗联盟招募 收益最高
亿恩免费建网站 服务器特价
【微信魔方】微信营销平台
【多线高防】无视一切攻击!
双线至强VPS 仅此一家
百度站长平台 精确提升SEO
21广告位高权重链接招租
旅游网解决方案 大型旅游门户
大型装修门户助您抢占商机天翼云主机 四川资源池开启微信小程序
微信营销项目诚招代理
锦尚中国源码论坛广告
微信源码微信营销源码源码下载网站源码源码论坛
 【ios企业签名】免费试用 
网站源码下载,商业源码下载,源码论坛,网站源码,php源码,asp源码全部就在锦尚中国源码论坛
源码下载,源码论坛,网站源码,php源码,asp源码全部就在锦尚中国源码论坛
网站源码下载,商业源码下载,源码论坛,网站源码,php源码,asp源码全部就在锦尚中国源码论坛
源码下载,源码论坛,网站源码,php源码,asp源码全部就在锦尚中国源码论坛
网站源码下载,商业源码下载,源码论坛,网站源码,php源码,asp源码全部就在锦尚中国源码论坛
查看: 1153|回复: 0

修复虚拟主机或linux/nginx主机存在可执行脚本权限漏洞而被注入并运行木马的风险

[复制链接]

1674

主题

1805

帖子

1172万

金币

超级版主

Rank: 8Rank: 8

积分
23445542
发表于 2018-6-6 21:51 | 显示全部楼层 |阅读模式
锦尚中国源码论坛

本文适用于虚拟主机或LINUX主机的用户朋友,因为虚拟主机或LINUX的主机,不方便直接操作目录权限(即使操作了,也不完全能修复),因此我们是通过设置伪静态的方法,来实现漏洞修复,具体步骤如下:

一、伪静态规则是.htaccess的用户参照这里:

打开.htaccess,将以下代码复制在这个文件底部,保存即可。

RewriteRule upload/(.*).(PHP)$ – [L,NC]
RewriteRule upload/(.*).(asp)$ – [L,NC]
RewriteRule upload1/(.*).(php)$ – [L,NC]
RewriteRule upload1/(.*).(asp)$ – [L,NC]
RewriteRule upload2/(.*).(php)$ – [L,NC]
RewriteRule upload2/(.*).(asp)$ – [L,NC]
RewriteRule upload3/(.*).(php)$ – [L,NC]
RewriteRule upload3/(.*).(asp)$ – [L,NC]
RewriteRule ad/(.*).(PHP)$ – [L,NC]
RewriteRule ad/(.*).(asp)$ – [L,NC]
RewriteRule gg/(.*).(PHP)$ – [L,NC]
RewriteRule gg/(.*).(asp)$ – [L,NC]
RewriteRule uploadfile/(.*).(php)$ – [L,NC]
RewriteRule uploadfile/(.*).(asp)$ – [L,NC]
RewriteRule userphoto/(.*).(php)$ – [L,NC]
RewriteRule userphoto/(.*).(asp)$ – [L,NC]
RewriteRule attached/(.*).(php)$ – [L,NC]
RewriteRule attached/(.*).(asp)$ – [L,NC]
RewriteRule img/(.*).(php)$ – [L,NC]
RewriteRule img/(.*).(asp)$ – [L,NC]
RewriteRule homeimg/(.*).(php)$ – [L,NC]
RewriteRule homeimg/(.*).(asp)$ – [L,NC]
RewriteRule js/(.*).(php)$ – [L,NC]
RewriteRule js/(.*).(asp)$ – [L,NC]
RewriteRule css/(.*).(php)$ – [L,NC]
RewriteRule css/(.*).(asp)$ – [L,NC]

二、伪静态规则是httpd.ini的用户参照这里:

打开httpd.ini,将以下代码复制在这个文件底部,保存即可。

RewriteRule /config/ueditor/php/upload/(.*).PHP$ /css/ [I]
RewriteRule /config/ueditor/php/upload/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor/php/upload1/(.*).php$ /css/ [I]
RewriteRule /config/ueditor/php/upload1/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor/php/upload2/(.*).php$ /css/ [I]
RewriteRule /config/ueditor/php/upload2/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor/php/upload3/(.*).php$ /css/ [I]
RewriteRule /config/ueditor/php/upload3/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload/(.*).php$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload1/(.*).php$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload1/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload2/(.*).php$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload2/(.*).asp$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload3/(.*).php$ /css/ [I]
RewriteRule /config/ueditor_mini/php/upload3/(.*).asp$ /css/ [I]
RewriteRule /ad/(.*).php$ /css/ [I]
RewriteRule /ad/(.*).asp$ /css/ [I]
RewriteRule /js/(.*).php$ /css/ [I]
RewriteRule /js/(.*).asp$ /css/ [I]
RewriteRule /homeimg/(.*).php$ /css/ [I]
RewriteRule /homeimg/(.*).asp$ /css/ [I]
RewriteRule /css/(.*).php$ /css/ [I]
RewriteRule /css/(.*).asp$ /css/ [I]
RewriteRule /gg/(.*).php$ /css/ [I]
RewriteRule /gg/(.*).asp$ /css/ [I]
RewriteRule /img/(.*).php$ /css/ [I]
RewriteRule /img/(.*).asp$ /css/ [I]
RewriteRule /userphoto/(.*).php$ /css/ [I]
RewriteRule /userphoto/(.*).asp$ /css/ [I]
RewriteRule /upload/(.*).php$ /css/ [I]
RewriteRule /upload/(.*).asp$ /css/ [I]
RewriteRule /ckeditor/attached/(.*).php$ /css/ [I]
RewriteRule /ckeditor/attached/(.*).asp$ /css/ [I]
RewriteRule /config/loveedit/uploadfile/(.*).PHP$ /css/ [I]
RewriteRule /config/loveedit/uploadfile/(.*).asp$ /css/ [I]

三、nginx伪静态的,参考如下:

将以下规则复制进伪静态文件里即可

location ~* ^/((.*)upload|ad|gg|img|homeimg|js|css|ckeditor\/attached|(.*)upload1|(.*)upload2|(.*)upload3)/.*\.(php|php5|asp)$
{
deny all;
}

四、IIS7,建立一个UTF8格式的文件,命名为web.config,将以下代码复制到这个文件中

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers accessPolicy="Read" />
    </system.webServer>
</configuration>

然后将这个文件web.config传到后台提示的漏洞文件夹中

如果以上的这个IIS7方法不适用, 请用以下代码

<rule name="p1">
<match url="^ad/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a1">
<match url="^ad/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p0">
<match url="^gg/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a0">
<match url="^gg/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p2">
<match url="(.*)upload/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a2">
<match url="(.*)upload/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p3">
<match url="(.*)upload1/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a3">
<match url="(.*)upload1/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p4">
<match url="(.*)upload2/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a4">
<match url="(.*)upload2/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p5">
<match url="(.*)upload3/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a5">
<match url="(.*)upload3/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p6">
<match url="^img/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a6">
<match url="^img/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p7">
<match url="^ckeditor/attached/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a7">
<match url="^ckeditor/attached/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p8">
<match url="^css/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a8">
<match url="^css/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p9">
<match url="^js/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a9">
<match url="^js/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="p10">
<match url="^homeimg/(.*).php" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
<rule name="a10">
<match url="^homeimg/(.*).asp" ignoreCase="false" />
<action type="Rewrite" url="/css/" appendQueryString="false" />
</rule>
锦尚中国源码论坛,源码下载,商业源码,微信源码
您需要登录后才可以回帖 登录 | 会员注册

本版积分规则

锦尚中国源码

锦尚中国,为中国网站设计添动力 ( 鲁ICP备09033200号 )

GMT+8, 2018-12-12 13:53 , Processed in 0.131992 second(s), 26 queries .

带宽由 锦尚数据 提供 专业的数据中心

© 2008-2010 52jscn Inc. 非法入侵必将受到法律制裁 法律顾问:IT法律网 锦尚爱心