duanjian4331 2014-03-08 09:29
Views: 41
Accepted

PHP and code injection

The website of a client of mine continues to be "hacked" (I didn't build the website). The hacked pages contain a JS script that loads an image and audio from YouTube (lol). Every page was modified and every page has a "news banner". I'm pretty sure the problem is this part:

    <?php
    $ul = new NewsList;
    $ul->Load(3);
    if ($ul->Current() == null) { ?>
    <?php } else {
        for (; $ul->Current() != null; $ul->Next()) {
            $new = $ul->Current();
            // ... markup for each news item follows (rest of the template not shown by the asker)
        }
    }
    ?>

the complete implementation of this NewsList : http://pastebin.com/WuWjcJ4p

I'm not a PHP programmer, so I don't see where the problem is. I'm not asking for someone to explain every line, maybe just some advice. Thank you.


1 answer

  • dpxyfa4718 2014-03-08 09:34

    Sounds like an SQL injection.

    I believe the loadById() method is injectable (depending on how you call it).

    Here is a way to strengthen it :

        function LoadById($id){
            $this->news = array();
            $this->current = 0;
            $this->total = 0;

            $ndb = new NewsDB('news');
            // intval() forces $id to a plain integer, so a value such as
            // "1 OR 1=1" or "0 UNION SELECT ..." can no longer alter the SQL statement
            $result = $ndb->_query("SELECT * FROM ".$ndb->table." WHERE id = " . intval($id));
            $new = mysql_fetch_assoc($result);
            if ($new === false) {
                // no row with that id: leave the list empty (total stays 0)
                return;
            }
            $n = new News($new['id'], $new['titolo'], $new['data'], $new['contenuto'], $new['img']);
            array_push($this->news, $n);
            unset($n);

            $this->total = 1;
        }


    Someone might have stolen the passwords of the administration accounts using this security flaw and edited the articles from the back-office.

    So I suggest you change this code, then change the passwords, delete all PHP sessions, and finally edit your articles to remove this "news banner".

    Note that it might as well be a stored XSS. Do you have a system which allows commenting on the news?

    Accepted by the asker as the best answer.
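The following is an added example (not code from the original question, the answer, or the asker's site) showing the injection the answer describes and the two ways to close it, run against an in-memory SQLite database through PDO so it executes offline. The `users` table, its columns, the sample rows, and the function names `loadByIdVulnerable`/`loadByIdSafe` are assumptions constructed for illustration; only the `news` column names (`id`, `titolo`, `data`, `contenuto`, `img`) come from the answer's code.

```php
<?php
// Added example (not the site's code): why "WHERE id = " . $id is injectable
// and how a bound parameter closes the hole. Runs against in-memory SQLite.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample schema and rows (assumptions for illustration).
$db->exec("CREATE TABLE news (id INTEGER PRIMARY KEY, titolo TEXT, data TEXT, contenuto TEXT, img TEXT)");
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)");
$db->exec("INSERT INTO news VALUES (1, 'Welcome', '2014-03-01', 'First post', 'a.jpg')");
$db->exec("INSERT INTO news VALUES (2, 'Update',  '2014-03-05', 'Second post', 'b.jpg')");
$db->exec("INSERT INTO users VALUES (1, 'admin', 'hunter2')"); // constructed, plaintext on purpose

// Vulnerable: the caller-supplied id is pasted straight into the SQL text,
// which is the pattern the answer flags in LoadById().
function loadByIdVulnerable(PDO $db, $id): array {
    $sql = "SELECT * FROM news WHERE id = " . $id;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the id travels as a bound integer parameter, never as SQL.
// For a purely numeric id, the answer's intval($id) gives the same protection;
// a prepared statement also covers text columns where intval() cannot be used.
function loadByIdSafe(PDO $db, $id): array {
    $stmt = $db->prepare("SELECT * FROM news WHERE id = :id");
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A value an attacker could send as ?id=...: the UNION lines up the users
// table with the five news columns so the password lands in 'titolo'.
$payload = "0 UNION SELECT id, password, username, '', '' FROM users";

foreach (loadByIdVulnerable($db, $payload) as $row) {
    // The 'news' row with id 0 does not exist; the only row returned is the
    // admin credential pulled in by the UNION.
    echo "vulnerable: titolo=" . $row['titolo'] . " data=" . $row['data'] . "\n";
}

$rows = loadByIdSafe($db, $payload);
// (int)"0 UNION SELECT ..." is 0, so the query becomes "WHERE id = 0" and
// matches nothing; the SQL text itself never changes.
echo "safe: " . count($rows) . " row(s)\n";

// A legitimate id still works through the safe path.
$rows = loadByIdSafe($db, "2");
echo "safe: titolo=" . $rows[0]['titolo'] . "\n";
```

Run it with `php example.php` (requires the pdo_sqlite extension). The vulnerable call prints the admin password in the `titolo` column, which is exactly how the answer's "stolen the passwords from administration" scenario plays out; the safe call returns no rows for the payload and the expected article for a real id.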
