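  • [Virtual hosting or Linux/nginx hosts] How to fix the executable-script permission vulnerability, which carries the risk of a trojan being injected and run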

    • Time: 2020-11-23 09:23  Views: 59

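    This article is for users on virtual (shared) hosting or Linux hosts. On these hosts it is inconvenient to change directory permissions directly (and even if you do, that does not fully fix the problem), so the vulnerability is fixed by adding pseudo-static (URL rewrite) rules. The steps are as follows: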

    1. If your pseudo-static rules are in .htaccess, follow this section:

    Open .htaccess, copy the following code to the bottom of the file, and save.

    # "-" leaves the URL unchanged, [F] answers 403 Forbidden, [NC] ignores case
    RewriteRule upload/(.*)\.(php)$ - [F,NC]
    RewriteRule upload/(.*)\.(asp)$ - [F,NC]
    RewriteRule upload1/(.*)\.(php)$ - [F,NC]
    RewriteRule upload1/(.*)\.(asp)$ - [F,NC]
    RewriteRule upload2/(.*)\.(php)$ - [F,NC]
    RewriteRule upload2/(.*)\.(asp)$ - [F,NC]
    RewriteRule upload3/(.*)\.(php)$ - [F,NC]
    RewriteRule upload3/(.*)\.(asp)$ - [F,NC]
    RewriteRule ad/(.*)\.(php)$ - [F,NC]
    RewriteRule ad/(.*)\.(asp)$ - [F,NC]
    RewriteRule gg/(.*)\.(php)$ - [F,NC]
    RewriteRule gg/(.*)\.(asp)$ - [F,NC]
    RewriteRule uploadfile/(.*)\.(php)$ - [F,NC]
    RewriteRule uploadfile/(.*)\.(asp)$ - [F,NC]
    RewriteRule userphoto/(.*)\.(php)$ - [F,NC]
    RewriteRule userphoto/(.*)\.(asp)$ - [F,NC]
    RewriteRule attached/(.*)\.(php)$ - [F,NC]
    RewriteRule attached/(.*)\.(asp)$ - [F,NC]
    RewriteRule img/(.*)\.(php)$ - [F,NC]
    RewriteRule img/(.*)\.(asp)$ - [F,NC]
    RewriteRule homeimg/(.*)\.(php)$ - [F,NC]
    RewriteRule homeimg/(.*)\.(asp)$ - [F,NC]
    RewriteRule js/(.*)\.(php)$ - [F,NC]
    RewriteRule js/(.*)\.(asp)$ - [F,NC]
    RewriteRule css/(.*)\.(php)$ - [F,NC]
    RewriteRule css/(.*)\.(asp)$ - [F,NC]


    2. If your pseudo-static rules are in httpd.ini, follow this section:

    Open httpd.ini, copy the following code to the bottom of the file, and save.

    # [I] ignores case; matching requests are rewritten to /css/ instead of reaching the script
    RewriteRule /config/ueditor/php/upload/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor/php/upload/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor/php/upload1/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor/php/upload1/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor/php/upload2/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor/php/upload2/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor/php/upload3/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor/php/upload3/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload1/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload1/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload2/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload2/(.*)\.asp$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload3/(.*)\.php$ /css/ [I]
    RewriteRule /config/ueditor_mini/php/upload3/(.*)\.asp$ /css/ [I]
    RewriteRule /ad/(.*)\.php$ /css/ [I]
    RewriteRule /ad/(.*)\.asp$ /css/ [I]
    RewriteRule /js/(.*)\.php$ /css/ [I]
    RewriteRule /js/(.*)\.asp$ /css/ [I]
    RewriteRule /homeimg/(.*)\.php$ /css/ [I]
    RewriteRule /homeimg/(.*)\.asp$ /css/ [I]
    RewriteRule /css/(.*)\.php$ /css/ [I]
    RewriteRule /css/(.*)\.asp$ /css/ [I]
    RewriteRule /gg/(.*)\.php$ /css/ [I]
    RewriteRule /gg/(.*)\.asp$ /css/ [I]
    RewriteRule /img/(.*)\.php$ /css/ [I]
    RewriteRule /img/(.*)\.asp$ /css/ [I]
    RewriteRule /userphoto/(.*)\.php$ /css/ [I]
    RewriteRule /userphoto/(.*)\.asp$ /css/ [I]
    RewriteRule /upload/(.*)\.php$ /css/ [I]
    RewriteRule /upload/(.*)\.asp$ /css/ [I]
    RewriteRule /ckeditor/attached/(.*)\.php$ /css/ [I]
    RewriteRule /ckeditor/attached/(.*)\.asp$ /css/ [I]
    RewriteRule /config/loveedit/uploadfile/(.*)\.php$ /css/ [I]
    RewriteRule /config/loveedit/uploadfile/(.*)\.asp$ /css/ [I]


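    3. For nginx pseudo-static rules, use the following:

    Copy the following rule into the pseudo-static rules file.

    # Must come before the generic "location ~ \.php$" block: nginx uses the first regex location that matches
    location ~* ^/((.*)upload|ad|gg|img|homeimg|js|css|ckeditor/attached|(.*)upload1|(.*)upload2|(.*)upload3)/.*\.(php|php5|asp)$
    {
        deny all;
    }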
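A coverage check for the nginx rule above, added here as an example (not code from the original page): it runs the section 3 pattern, with the dot before the extension escaped, against every directory that the httpd.ini rules in section 2 protect. Python's `re` stands in for nginx's PCRE matching, and the probe file names and sample legitimate paths are constructed.

```python
import re

# nginx location pattern from section 3 ("~*" = case-insensitive), with the
# dot before the extension escaped so it only matches a literal ".".
NGINX_DENY = re.compile(
    r"^/((.*)upload|ad|gg|img|homeimg|js|css|ckeditor/attached"
    r"|(.*)upload1|(.*)upload2|(.*)upload3)/.*\.(php|php5|asp)$",
    re.IGNORECASE,
)

# Directories protected by the httpd.ini rules in section 2.
EDITOR_UPLOADS = [
    f"/config/{editor}/php/upload{n}/"
    for editor in ("ueditor", "ueditor_mini")
    for n in ("", "1", "2", "3")
]
PROTECTED_DIRS = EDITOR_UPLOADS + [
    "/ad/", "/js/", "/homeimg/", "/css/", "/gg/", "/img/", "/userphoto/",
    "/upload/", "/ckeditor/attached/", "/config/loveedit/uploadfile/",
]

# Constructed probe file names: the two extensions the page blocks, plus an
# upper-case variant to exercise case-insensitive matching.
PROBES = ("probe.php", "probe.PHP", "probe.asp")


def is_denied(uri_path: str) -> bool:
    """True if the URI path matches the deny pattern."""
    return NGINX_DENY.search(uri_path) is not None


def uncovered_dirs(dirs=PROTECTED_DIRS):
    """Directories where at least one probe script is NOT denied."""
    return [d for d in dirs if not all(is_denied(d + p) for p in PROBES)]


def wrongly_denied(paths):
    """Legitimate paths that the pattern would block by mistake."""
    return [p for p in paths if is_denied(p)]


if __name__ == "__main__":
    print("not covered by the nginx rule:", uncovered_dirs())
    # Constructed examples of content that must stay reachable.
    legit = ["/index.php", "/img/logo.png", "/css/site.css", "/upload/a.jpg"]
    print("wrongly denied:", wrongly_denied(legit))
```

On the rules as given, `uncovered_dirs()` returns `/userphoto/` and `/config/loveedit/uploadfile/`; adding `userphoto` and `(.*)uploadfile` to the alternation brings the list to empty.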


    4. For IIS7, create a UTF-8 encoded file named web.config and copy the following code into it:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <handlers accessPolicy="Read" />
        </system.webServer>
    </configuration>

    Then upload this web.config file into the vulnerable folder reported in the admin backend.

    If the IIS7 method above does not work for you, use the following code instead:

    <!-- These <rule> elements go inside <system.webServer><rewrite><rules> in the site's web.config -->
    <rule name="p1">
        <match url="^ad/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a1">
        <match url="^ad/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p0">
        <match url="^gg/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a0">
        <match url="^gg/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p2">
        <match url="(.*)upload/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a2">
        <match url="(.*)upload/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p3">
        <match url="(.*)upload1/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a3">
        <match url="(.*)upload1/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p4">
        <match url="(.*)upload2/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a4">
        <match url="(.*)upload2/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p5">
        <match url="(.*)upload3/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a5">
        <match url="(.*)upload3/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p6">
        <match url="^img/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a6">
        <match url="^img/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p7">
        <match url="^ckeditor/attached/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a7">
        <match url="^ckeditor/attached/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p8">
        <match url="^css/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a8">
        <match url="^css/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p9">
        <match url="^js/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a9">
        <match url="^js/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="p10">
        <match url="^homeimg/(.*)\.php" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>
    <rule name="a10">
        <match url="^homeimg/(.*)\.asp" ignoreCase="true" />
        <action type="Rewrite" url="/css/" appendQueryString="false" />
    </rule>

