我有个帝国7.0的网站,今天主机上给我发了个邮件,说我主机上有个文件被感染了,他们病毒扫描结果如下: /home3/terrainl/public_html/500.php: SL-PHP-EVAL_REQUEST-axof.UNOFFICIAL FOUND
----------- SCAN SUMMARY ----------- Known viruses: 2167338 Engine version: devel-clamav-0.99-beta1-632-g8a582c7 Scanned directories: 3514 Scanned files: 22171 Infected files: 1 Data scanned: 151.32 MB Data read: 196.84 MB (ratio 0.77:1) Time: 183.395 sec (3 m 3 s)
我看了看这个500.php, 2012年就有了,其中代码如下: <!-- PHP Wrapper - 500 Server Error --> <html><head><title>500 Server Error</title></head> <body bgcolor=white> <h1>500 Server Error</h1>
A misconfiguration on the server caused a hiccup. Check the server logs, fix the problem, then try again. <hr>
<? echo "URL: http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']."<br>\n"; $fixer = "checksuexec ".escapeshellarg($_SERVER['DOCUMENT_ROOT'].$_SERVER['REQUEST_URI']); echo `$fixer`; ?>
</body></html>
大佬们,这个是病毒吗?还是误报?谢谢。
|