17173系统/服务运维配置不当导致整站源码泄露及

简要描述：17173分站由于配置不当，导致源码泄露，包括数据库账号密码详细说明：

漏洞证明： <?php

include_once("include/config.php");

include_once("include/db.php");

include_once("inc.php");

<?php

//读取指定数据

$str = filter($_REQUEST["str"]);

$classStr = filter($_REQUEST["classStr"]);

if(!empty($classStr)){

$classStr = substr($classStr,0,-1);

$classStr = split(",",$classStr);

}

if (!is_array($classStr)) {

$classStr = array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10);

}

$conn = new MyAdodb($DbHost,$DbName,$DbUser,$DbPwd);

$conn->OpenDB();

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" " http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd ">

<head>

<title>17173·天龙八部数据库</title>

function addBookmark(title,url) {

if( document.all ) {

window.external.AddFavorite( url, title);

} else if (window.sidebar) {

window.sidebar.addPanel(title, url,"");

} else if( window.opera && window.print ) {

return true;

}

function setValue(){

Obj = getObject("a");

var i = 0;

var strValue = "";

for(var j = 0;j < Obj.length; j++){

//alert(j+"|"+Obj[j].value+"|"+Obj[j].checked);

if(true == Obj[j].checked ){

i++;

strValue += Obj[j].value+",";

}

if (i < 1) {

alert("请选择搜索分类！");

return false;

}

document.form1.classStr.value = strValue;

//alert(Obj.length+"|"+strValue);

}

/**检查表单**/

function checkForm(){

setValue();

Obj = document.form1;

if (Obj.str.value.length < 2){

alert("请输入2位以上的关键字！");

Obj.str.focus();

return false;

}

//设置指定id的选项

function SetCheckBox(str){

var tempStr,reg;

var ObjectField_1 = getObject("a");

var i=0,len;

len = ObjectField_1.length;

if (len == null) {

len=1;

}

if (len == 1){

reg = eval("/,"+ObjectField_1.value+",/g");

tempStr = str.replace(reg,"");

if (tempStr.length < str.length) {

ObjectField_1.checked = true;

}

}else{

for ( j = 0; j < len; j++){

reg = eval("/,"+ObjectField_1[j].value+",/g");

tempStr = str.replace(reg,"");

if (tempStr.length < str.length) {

ObjectField_1[j].checked = true;

}

//读取对像

function getObject(objectId) {

if (document.all && document.all(objectId)) {

return document.all(objectId);

}else if(document.getElementById && document.getElementById(objectId)) {

return document.getElementById(objectId);

}else if(document.getElementsByName && document.getElementsByName(objectId)) {

return document.getElementsByName(objectId);

}else {

return false;

}

</script>

</head>

<body>

<tr>

综合搜索：

</td>

</tr>

<tr>

<input type="checkbox" name="a" value="1" checked style="width: 20px;"/> 装备

<input type="checkbox" name="a" value="2" checked style="width: 20px;"/> 套装

<input type="checkbox" name="a" value="3" checked style="width: 20px;"/> 珍兽

<input type="checkbox" name="a" value="4" checked style="width: 20px;"/> 技能

<input type="checkbox" name="a" value="5" checked style="width: 20px;"/> 元宝

<input type="checkbox" name="a" value="6" checked style="width: 20px;"/> 任务

<input type="checkbox" name="a" value="7" checked style="width: 20px;"/> 地图

<input type="checkbox" name="a" value="8" checked style="width: 20px;"/> 怪物

<input type="checkbox" name="a" value="9" checked style="width: 20px;"/> NPC

<input type="checkbox" name="a" value="10" checked style="width: 20px;"/> 物品

</td>

</tr>

</form>

</table>

</div>

</div>

<?php if(!empty($classStr)){?>

<?php

for ($j = 0; $j < count($classStr); $j++){

$a = $classStr[$j];

switch($a){

case 1:

$ItemClass = " 装备 ";

break;

case 2:

$ItemClass = " 套装 ";

break;

case 3:

$ItemClass = " 珍兽 ";

break;

case 4:

$ItemClass = " 技能 ";

break;

case 5:

$ItemClass = " 元宝 ";

break;

case 6:

$ItemClass = " 任务 ";

break;

case 7:

$ItemClass = " 地图 ";

break;

case 8:

$ItemClass = " 怪物 ";

break;

case 9:

$ItemClass = " NPC ";

break;

case 10:

$ItemClass = " 物品 ";

break;

}

<?php } ?>

</div>

<?php

for ($j = 0; $j < count($classStr); $j++){

$a = $classStr[$j];

switch($a){

case 1:

$table = "tl_eqiupment";

$sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName";

break;

case 2:

$table = "tl_taozhuang";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 3:

$table = "tl_bb";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 4:

$table = "tl_skill";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 5:

$table = "tl_yuanbao";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 6:

$table = "tl_questinfo";

$sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName";

break;

case 7:

$table = "tl_map";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 8:

$table = "tl_monster";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 9:

$table = "tl_npc";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

case 10:

$table = "tl_things";

$sqlWhere = " where ItemName like BINARY '%".$str."%'";

break;

default:

$table = "";

}

$sqlStr = "select * from ".$table.$sqlWhere." limit 0,20";

$rs = $conn->ReadDB($sqlStr);

</div>

<?php if($a == 1){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg " width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>

<div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

<div class=" p14 cBlack dd col15"><a href="arms.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>

<div class=" p14 cBlack dd col15"><?=$RS[$i]['Avoid']>0?$RS[$i]['Avoid']:0?></div>

</div>

<?php } ?>

<?php }else if($a == 2){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,2,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="suit.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

<div class=" p14 cBlack dd colFour"><a href="suits.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>

</div>

<?php } ?>

<?php }else if($a == 3){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg " width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>

<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

</div>

<?php } ?>

<?php }else if($a == 4){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg " width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>

<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

<?php

if($rs[$i]['ClassType']=='门派战斗技能'){

echo $rs[$i]['CoolTime']?$rs[$i]['CoolTime']."秒":"瞬发";

echo strpos($rs[$i]['CoolTime'],'-')?"（随心法等级提高而减少）":"";

}

else

echo " ";

</div>

<?php } ?>

<?php }else if($a == 5){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="

<div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,5,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

<div class=" p14 cBlack dd colFour"><a href="golds.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>

</div>

<?php } ?>

<?php }else if($a == 6){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class=" p14 cBlack dd colSix"><a href="questinfo.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div>

<div class=" p14 cBlack dd colTwo"><a href="questinfos.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>

</div>

<?php } ?>

<?php }else if($a == 7){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class=" p14 cBlack dd colTwo"><a href="map.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div>

</div>

<?php } ?>

<?php }else if($a == 8){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg " width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>

<div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?><? if($rs[$i]['ItemClass']=='BOSS怪物') echo "<font color=red>[boss]</font>";?></a></span>

</div>

<? if($rs[$i]['ItemClass']!='首领头目'){ ?><?=$rs[$i]['Points']?"(".str_replace("&",",",$rs[$i]['Points']).")":" "?><? }else echo "多处"; ?></div>

</div>

<?php } ?>

<?php }else if($a == 9){ ?>

<div class=" p14 cBlack backgroundGray dd colTwo">【NPC名称】</div>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><? if(strlen($rs[$i]['FileName'])){ ?><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg " width="37" height="38" border="0" onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a>

<?php }else echo " "; ?></div>

<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

</div>

<?php } ?>

<?php }else if($a == 10){ ?>

</div>

<?php for($i=0;$i<count($rs);$i++){ ?>

<div class="p14 dt"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src=" http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg " width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>

<div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>

<div class=" p14 cBlack dd col15"><a href="things.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>

</div>

<?php }?>

<?php }?><div class="clear"></div>

</div>

</div>

</div>

</div>

<?php } ?>

<!--

var tab_config = {"label" :["content1","content2","content3","content4","content5","content6","content7","content8","content9","content10"],

"content":["ccontent1","ccontent2","ccontent3","ccontent4","ccontent5","ccontent6","ccontent7","ccontent8","ccontent9","ccontent10"],

"current":"quhuan",

"normal" :"quhuan1",

"current_label":"content1"

}

var tab2 = new tab_effect(tab_config);

tab2.init("滑过");

//-->

</SCRIPT>

<?php } ?>

</div>

<?php include("sidebar.html"); ?>

</div>

<?php include("footer.html"); ?>

</body>

</html>

系统配置文件

$DbHost="10.59.96.114:3307";

$DbName="wowdb";

$DbUser="wowdb";

$DbPwd ="@!#$%$#$@@@@";

$DbHost1="10.59.96.114:3307";

$DbName1="wow_interface";

$DbUser1="wow_interface";

$DbPwd1 ="@!#$%$#$@@@@";

$sys_config = array(

"list_ip"=>"218.66.59.108|10.5.21.49|127.0.0.1",

"comment_url"=>" http://comment.news.17173.com/makecomment.php ",

"comment_identy"=>" newgame@!sc90ke2!cn3gh +*)"

);

$manager_type = array

(

1 => "一般管理员",

9 => "系统管理员"

);

$popedom_type = array

(

1 => "一级",

2 => "二级",

3 => "三级",

4 => "四级",

5 => "五级"

);

$geKey = "1qwerfdsa";

//装备表名

$itemTableArr = array("ge_item_weapon", "ge_item_safe", "ge_item_adorn", "ge_item_other");

//NPC性别

$npcSexArr = array("Both"=>"男/女", "Female"=>"女", "Male"=>"男");

$ html Dir = "/html/";

?> 修复方案：配置啊低级问题啊

查看更多关于17173系统/服务运维配置不当导致整站源码泄露及的详细内容...

声明：本文来自网络，不代表【好得很程序员自学网】立场，转载请注明出处：http://haodehen.cn/did11612

更新时间：2022-09-13 阅读：46次