额,我的博客也被黑了…【Hacked By International Force】
今晚回来打开博客一看,网站居然被黑了...
就是首页一个大大的背景图,播放着听不懂的音乐。
图片如下
里面的title是“Hacked By International Force”,貌似我没惹谁呀,网站里也只是个人的简单分享,没得罪谁吧。。。
检查了ftp,简单的检查了文件修改日期,没发现最近被修改的文件,然后又看了下主题文件,也没问题。接着试着登录网站的后台,居然也没事,想了想应该是index.php被改了,所以ftp下载来看,发现真的根目录的首页被替换了,奇怪的是文件的修改日期居然是2012年的,而不是今天或者昨天的,这么神奇的。。。
好吧,下次千万别再来找我啦,要是我哪里做的不对了,在这里留个言告诉我下吧...
代码分享下
- <html>
- <head>
- <meta name=ProgId content=Word.Document>
- <meta name=Generator content="Microsoft Word 11">
- <meta name=Originator content="Microsoft Word 11">
- <meta http-equiv=Content-Type content="text/html; charset=iso-8859-9">
- <META HTTP-EQUIV="Refresh" CONTENT="30; URL=/" />
- <style>
- v\:* {behavior:url(#default#VML);}
- o\:* {behavior:url(#default#VML);}
- w\:* {behavior:url(#default#VML);}
- .shape {behavior:url(#default#VML);}
- </style>
- <![endif]-->
- <title>Hacked By International Force</title>
- <!--[if gte mso 9]><xml>
- <o:DocumentProperties>
- <o:Author>XP</o:Author>
- <o:Template>Normal</o:Template>
- <o:LastAuthor>XP</o:LastAuthor>
- <o:Revision>5</o:Revision>
- <o:TotalTime>2</o:TotalTime>
- <o:Created>2012-08-14T17:49:00Z</o:Created>
- <o:LastSaved>2012-08-14T18:30:00Z</o:LastSaved>
- <o:Pages>1</o:Pages>
- <o:Words>30</o:Words>
- <o:Characters>173</o:Characters>
- <o:Company>HOME</o:Company>
- <o:Lines>1</o:Lines>
- <o:Paragraphs>1</o:Paragraphs>
- <o:CharactersWithSpaces>202</o:CharactersWithSpaces>
- <o:Version>11.6568</o:Version>
- </o:DocumentProperties>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <w:WordDocument>
- <w:SpellingState>Clean</w:SpellingState>
- <w:GrammarState>Clean</w:GrammarState>
- <w:HyphenationZone>21</w:HyphenationZone>
- <w:ValidateAgainstSchemas/>
- <w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
- <w:IgnoreMixedContent>false</w:IgnoreMixedContent>
- <w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
- <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
- </w:WordDocument>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <w:LatentStyles DefLockedState="false" LatentStyleCount="156">
- </w:LatentStyles>
- </xml><![endif]-->
- <style>
- <!--body
- {min-width:650px;
- background-clip:box;
- background-origin:padding-box;
- background-size:cover;
- background-position-x:50%;
- background-position-y:50%;
- background-attachment:fixed;}
- /* Font Definitions */
- @font-face
- {font-family:calibri;
- panose-1:0 0 0 0 0 0 0 0 0 0;
- mso-font-alt:"Times New Roman";
- mso-font-charset:0;
- mso-generic-font-family:roman;
- mso-font-format:other;
- mso-font-pitch:auto;
- mso-font-signature:0 0 0 0 0 0;}
- /* Style Definitions */
- p.MsoNormal, li.MsoNormal, div.MsoNormal
- {mso-style-parent:"";
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";}
- p.metin, li.metin, div.metin
- {mso-style-name:metin;
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";}
- span.SpellE
- {mso-style-name:"";
- mso-spl-e:yes;}
- span.GramE
- {mso-style-name:"";
- mso-gram-e:yes;}
- @page Section1
- {size:595.3pt 841.9pt;
- margin:70.85pt 70.85pt 70.85pt 70.85pt;
- mso-header-margin:35.4pt;
- mso-footer-margin:35.4pt;
- mso-paper-source:0;}
- div.Section1
- {page:Section1;}
- -->
- </style>
- <!--[if gte mso 10]>
- <style>
- /* Style Definitions */
- table.MsoNormalTable
- {mso-style-name:"Normal Tablo";
- mso-tstyle-rowband-size:0;
- mso-tstyle-colband-size:0;
- mso-style-noshow:yes;
- mso-style-parent:"";
- mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
- mso-para-margin:0cm;
- mso-para-margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:10.0pt;
- font-family:"Times New Roman";
- mso-ansi-language:#0400;
- mso-fareast-language:#0400;
- mso-bidi-language:#0400;}
- </style>
- <![endif]--><!--[if gte mso 9]><xml>
- <o:shapedefaults v:ext="edit" spidmax="3074"/>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <o:shapelayout v:ext="edit">
- <o:idmap v:ext="edit" data="1"/>
- </o:shapelayout></xml><![endif]-->
- </head>
- <body bgcolor=black
- background="https://huilang.me/wp-content/uploads/2013/08/095329xIv.jpg" lang=TR
- style='tab-interval:35.4pt'>
- <div class=Section1>
- <body oncontextmenu="return false" onselectstart="return false" ondragstart="return false"></body>
- <p>
- <object type="application/x-shockwave-flash" data="http://flash-mp3-player.net/medias/player_mp3_mini.swf" width="2" height="1"><param name="movie" value="http://flash-mp3-player.net/medias/player_mp3_mini.swf"><param name="bgcolor" value="#000000">
- <param name="FlashVars" value="mp3=http://www.uploadmusic.org/MUSIC/5562331360496769.mp3&autoplay=1"></object>
- <br>
- </span><span style='font-size:9.0pt;font-family:calibri;color:white'><br>
- <br style='mso-special-character:line-break'>
- <![if !supportLineBreakNewLine]><br style='mso-special-character:line-break'>
- <![endif]></span><span style='font-family:calibri;color:white'><o:p></o:p></span></p>
- </div>
- </body>
- </html>
- <html>
- <head>
- <meta name=ProgId content=Word.Document>
- <meta name=Generator content="Microsoft Word 11">
- <meta name=Originator content="Microsoft Word 11">
- <meta http-equiv=Content-Type content="text/html; charset=iso-8859-9">
- <META HTTP-EQUIV="Refresh" CONTENT="30; URL=/" />
- <style>
- v\:* {behavior:url(#default#VML);}
- o\:* {behavior:url(#default#VML);}
- w\:* {behavior:url(#default#VML);}
- .shape {behavior:url(#default#VML);}
- </style>
- <![endif]-->
- <title>Hacked By International Force</title>
- <!--[if gte mso 9]><xml>
- <o:DocumentProperties>
- <o:Author>XP</o:Author>
- <o:Template>Normal</o:Template>
- <o:LastAuthor>XP</o:LastAuthor>
- <o:Revision>5</o:Revision>
- <o:TotalTime>2</o:TotalTime>
- <o:Created>2012-08-14T17:49:00Z</o:Created>
- <o:LastSaved>2012-08-14T18:30:00Z</o:LastSaved>
- <o:Pages>1</o:Pages>
- <o:Words>30</o:Words>
- <o:Characters>173</o:Characters>
- <o:Company>HOME</o:Company>
- <o:Lines>1</o:Lines>
- <o:Paragraphs>1</o:Paragraphs>
- <o:CharactersWithSpaces>202</o:CharactersWithSpaces>
- <o:Version>11.6568</o:Version>
- </o:DocumentProperties>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <w:WordDocument>
- <w:SpellingState>Clean</w:SpellingState>
- <w:GrammarState>Clean</w:GrammarState>
- <w:HyphenationZone>21</w:HyphenationZone>
- <w:ValidateAgainstSchemas/>
- <w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
- <w:IgnoreMixedContent>false</w:IgnoreMixedContent>
- <w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
- <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
- </w:WordDocument>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <w:LatentStyles DefLockedState="false" LatentStyleCount="156">
- </w:LatentStyles>
- </xml><![endif]-->
- <style>
- <!--body
- {min-width:650px;
- background-clip:box;
- background-origin:padding-box;
- background-size:cover;
- background-position-x:50%;
- background-position-y:50%;
- background-attachment:fixed;}
- /* Font Definitions */
- @font-face
- {font-family:calibri;
- panose-1:0 0 0 0 0 0 0 0 0 0;
- mso-font-alt:"Times New Roman";
- mso-font-charset:0;
- mso-generic-font-family:roman;
- mso-font-format:other;
- mso-font-pitch:auto;
- mso-font-signature:0 0 0 0 0 0;}
- /* Style Definitions */
- p.MsoNormal, li.MsoNormal, div.MsoNormal
- {mso-style-parent:"";
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";}
- p.metin, li.metin, div.metin
- {mso-style-name:metin;
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";}
- span.SpellE
- {mso-style-name:"";
- mso-spl-e:yes;}
- span.GramE
- {mso-style-name:"";
- mso-gram-e:yes;}
- @page Section1
- {size:595.3pt 841.9pt;
- margin:70.85pt 70.85pt 70.85pt 70.85pt;
- mso-header-margin:35.4pt;
- mso-footer-margin:35.4pt;
- mso-paper-source:0;}
- div.Section1
- {page:Section1;}
- -->
- </style>
- <!--[if gte mso 10]>
- <style>
- /* Style Definitions */
- table.MsoNormalTable
- {mso-style-name:"Normal Tablo";
- mso-tstyle-rowband-size:0;
- mso-tstyle-colband-size:0;
- mso-style-noshow:yes;
- mso-style-parent:"";
- mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
- mso-para-margin:0cm;
- mso-para-margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:10.0pt;
- font-family:"Times New Roman";
- mso-ansi-language:#0400;
- mso-fareast-language:#0400;
- mso-bidi-language:#0400;}
- </style>
- <![endif]--><!--[if gte mso 9]><xml>
- <o:shapedefaults v:ext="edit" spidmax="3074"/>
- </xml><![endif]--><!--[if gte mso 9]><xml>
- <o:shapelayout v:ext="edit">
- <o:idmap v:ext="edit" data="1"/>
- </o:shapelayout></xml><![endif]-->
- </head>
- <body bgcolor=black
- background="https://huilang.me/wp-content/uploads/2013/08/095329xIv.jpg" lang=TR
- style='tab-interval:35.4pt'>
- <div class=Section1>
- <body oncontextmenu="return false" onselectstart="return false" ondragstart="return false"></body>
- <p>
- <object type="application/x-shockwave-flash" data="http://flash-mp3-player.net/medias/player_mp3_mini.swf" width="2" height="1"><param name="movie" value="http://flash-mp3-player.net/medias/player_mp3_mini.swf"><param name="bgcolor" value="#000000">
- <param name="FlashVars" value="mp3=http://www.uploadmusic.org/MUSIC/5562331360496769.mp3&autoplay=1"></object>
- <br>
- </span><span style='font-size:9.0pt;font-family:calibri;color:white'><br>
- <br style='mso-special-character:line-break'>
- <![if !supportLineBreakNewLine]><br style='mso-special-character:line-break'>
- <![endif]></span><span style='font-family:calibri;color:white'><o:p></o:p></span></p>
- </div>
- </body>
- </html>
:grin: 他们是土耳其的黑客团队,很强大
看他们的网站就知道 他们还没公布攻击你的博客 好像这个是他们顺手练习攻击的
wordpress也能攻击。。。呵呵呵
@yar turk: 我的站点他们看不上 就不公布咯 哈哈
cobmw先生看来要放弃点点了吗?哎…点点真是让人失望~ 看来~ 我也要存钱~ 到时等cobmw先生有空帮忙移植到 Tumblr~ 那里更开放点…
@联科技: Tumblr国内访问不了呀..
@cobmw:
可以啊 我这里访问很快速哦 现在可以了 前段时间不行 他们的负载性非常好 技术支持也很棒 你看看吧~ 要不你换去那里试试看
额。。你是用虚拟主机吗
@VerSun: 嗯 虚拟主机来着
是个美国人黑了你的网站,把你的网站跳到他的facebook上了,我发现后,很气愤,把他的跳转删了。
@soua: 我看里面的文字是土耳其的呢
30秒跳转
可不可以告诉我怎么把点点的文章转移到wordpress博客啊,不会啊!
@酸柠檬: 不好搬啊。。。
@cobmw: 你的点点是怎么同步的?
有空写个教程
@cobmw: 谢谢你的教程
不客气
:oops: 被黑也算尝尝鲜,哈哈!
@清新物语: 是呀 第一次呢
有时候不一定是博主做错什么事···也许有的人就是拿来练手而已呢?….. :?:
其实我也是这么认为的。。
用的是什么环境?一键安装包吗?我倒是被人挂过黑链。。
给个HTML代码能干啥……
肯定是你的主题不在官网下载的吧?有隐藏的WEBSHELL!
@★Extreme★: 主题没问题的 我全看过了 并且代码都被我精简了 只是一个样式在而已 应该是服务器漏洞
练手都中刀,赶紧买彩票去了。
哈哈 彩票就买不到咯。。
牛逼啊》。。还有博客被黑的
土耳其。。
你都不知道当初打开网页 然后看到莫名奇妙的文字和鸟音乐那种无语…
那确实挺郁闷的
服务器安全做的不好,以前用台湾主机被黑好几次,这次换香港的就不再被黑了.
我也不知道怎么回事,反正就是被黑了。现在换了vps也没事了,小博一个,黑客也看不上
估计就是顺便路过黑一下,不过wp其实算安全的吧