sys_safetest.htm
3.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $cfg_soft_lang; ?>">
<title>木马自检程序</title>
<link href="css/base.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" type="text/css" href="css/indexbody.css" />
<style type="text/css">
td{padding-left:8px;}
</style>
<script language='javascript' src='js/main.js'></script>
<script language="javascript" src="../include/js/dedeajax2.js"></script>
<script language='javascript'>
function LoadCtTest()
{
var filetype = $Obj('filetype').value;
var info = $Obj('info').value;
$Obj('loaddiv').style.display='block';
var myajax = new DedeAjax($DE('messagetd'));
myajax.SendGet2('sys_safetest.php?action=test&filetype=' + filetype + "&info=" + info);
$Obj('loaddiv').style.display='none';
}
function LoadCtClear()
{
$Obj('loaddiv').style.display='block';
var myajax = new DedeAjax($DE('messagetd'));
myajax.SendGet2('sys_safetest.php?action=clear');
$Obj('loaddiv').style.display='none';
}
</script>
</head>
<body leftmargin="8" topmargin="8" background='images/allbg.gif'>
<div id='loaddiv' style='display:none'>
<p align='center' style='padding-top:200px'><img src='images/loadinglit.gif' /> 请稍后,正在操作中...</p>
</div>
<div class="bodytitle">
<div class="bodytitleleft"></div>
<div class="bodytitletxt" style="padding-left:10px;">用户安全中心</div>
</div>
<table width="98%" border="0" cellpadding="1" cellspacing="1" align="center" class="tbtitle" style="background:#CFCFCF;">
<tr>
<td width="100%" height="24" colspan="2" bgcolor="#EDF9D5" background="images/tbg.gif" style="padding-left:10px;">
<b>木马自检程序</b>
</td>
</tr>
<tr>
<td height="73" colspan="2" bgcolor="#FFFFFF">
<strong>安全建议:</strong>
<br />
1、有条件的用户把中 data、templets、uploads、html、special、images、install目录设置为不允许执行脚本,其它目录禁止写入,系统将更安全;<br />
2、本检测程以开发模式为标准,如果您的网站目录包含其它系统,此检测程序可能会产生错误判断;<br />
3、检测程序会跳过对模板缓存目录的检测,为了安全起见,检测完成后建议清空模板缓存。
</td>
</tr>
<tr>
<td height="50" colspan="2" bgcolor="#FFFFFF"><p>文件类型:
<input name="filetype" type="text" id="filetype" value="php|inc" style="width:420px"/>
要检查的文件类型</p>
<p>代码特征:
<input name="info" type="text" id="info" value="eval|cmd|system|exec|_GET|_POST" style="width:420px"/>
特征代码</p></td>
</tr>
<tr>
<td height="50" colspan="2" bgcolor="#FFFFFF">
<input type="button" name="bt1" value="开始检测" class="coolbg np" onclick="LoadCtTest();" />
<input type="button" name="bt2" value="清空模板缓存" class="coolbg np" onclick="LoadCtClear();" />
</td>
</tr>
<tr>
<td height="30" colspan="2" bgcolor="#F9FCEF">检测结果:(结果仅供参考,请务必查看源码后才删除非法文件)</td>
</tr>
<tr>
<td height="300" colspan="2" id="messagetd" valign="top" bgcolor="#FFFFFF">
</td>
</tr>
</table>
</body>
</html>