Tag Archives: htaccess

WordPress 3.2.1 spart prin fisierele temei

Titlul este pompos ca in ziare si reviste. Pana la urma WordPress-ul a fost spart prin intermediul unei teme (theme, layout, sablon etc, cum ii zice fiecare). Aveam pe server mai multe teme gratuite oferite de mai multe site-uri (printre care si woothemes.com) si foloseam doar cateva dintre ele. Si prin una din ele, s-a putut intra si incarca pe server fisier cu cod PHP.

Orice programator mai rasarit – care mai face cracking, hacking – stie ca in momentul in care poti pune un fisier PHP pe un server, poti face multe pornind de acolo. Depinde ce doresti sa faci.

METODE

Am incercat sa astup groapa sapata de hacker si am folosit mai multe metode:

  • restaurarea fisierelor din back-up oferit de hosting
  • cautare de fisiere index.php si vizualizarea codului de la finalul fisierului
  • stergerea fisierelor ciudate de pe server (ex: Thumbs.db)
  • reinstalare de WordPress si alte site-uri
  • cautare de texte prin baza de date

.htacces
Blogurile dadeau un mesaj ciudat in burtiera:

PHP Warning: Unknown: failed to open stream: No such file or directory in Unknown on line 0
PHP Fatal error: Unknown: Failed opening required '/home/abcdefg/public_html/abcdefgh/Thumbs.db' (include_path='.:/usr/lib/php:/usr/local/lib/php') in Unknown on line 0

Am reinstalat, am cautat si… nimic. Pana la urma hackerul se bagase in “.htaccess” si a adaugat linia de mai jos

php_value auto_append_file /home/abcdefg/public_html/abcdefg/Thumbs.db

deci degeaba cautam in codul php, caci era folosita metoda “auto_append_file”.

Succes la cei care au gropi de astupat!

China ataca prin roboti de indexare

Azi am gasit in statistici zeci de hosturi de genul 123.125.66.* si am cautat ce robot foloseste clasa aceasta. Este un chinez pe nume Baiduspider. Este suspectat ca ar fii japonez, cert este ca are ochii mici.

Baiduspider is a Baidu search engine automatic procedure. Its function is visits on the Internet the html homepage, establishes the index database, enables the user to search the expensive website in the Baidu search engine the homepage.

Why does baiduspider massively visit my homepage?
After baiduspider visits your homepage, can on the automated analysis each homepage writing content and the memory homepage website, then other 网友 can find your homepage through hundred search engines. If baiduspider does not visit your homepage, then possesses through baiduspider provides the homepage information the search engine all not to be able to find your homepage, in other words, other 网友 and so on several dozens search the website in hundred souhu.com Sina Yahoo! Tom to be able not to be able to find your homepage. You may arrive here further to understand the search engine.

Continue reading »