If you are an IT administrator responsible for a CMS site such as WordPress, Joomla or Drupal, a forum, or a self-hosted website, you should periodically check the site's directories for unfamiliar files of unknown origin or with suspicious names.
If you find files of unknown origin in the site's root directory or subdirectories, they are very likely attack tools used by black hat hackers (Black Hat, also called cybercriminals), such as viruses, worms or backdoors. The attackers may even use your site as a launch point to attack other sites.
The author previously wrote an article, "Security Vulnerabilities: 11 Security Issues in WordPress Plugins and Themes", introducing the dangers WordPress sites commonly face.
However, modern attack techniques change frequently, so this article compiles the more commonly seen dangerous file names, and we will keep updating it with the latest information as it appears, so that everyone has a reference sample when checking their own site's directories.
List of dangerous file names
Site root directory
- Sisi.php
- user.php
- seter.php
- ivjzx.php
- zkuhj.php
- yt.php
- wp-config.original
- 1ndex.php
Site subdirectories
- /plus/flink.php
- /plus/moon.php
- /plus/download.php
- /plus/mytag_js.php
- /admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php
- /editor/editor/filemanager/connectors/aspx/connector.aspx
- /assets/modules/evogallery/js/uploadify/uploadify.php
- /modules/vtemskitter/uploadimage.php
- /modules/verticalmegamenus/VerticalMegaMenusUploadImage.php
- /modules/groupcategory/GroupCategoryUploadImage.php
- /(any directory)/wlwmanifest.xml
WordPress Plugins
- /wp-content/plugins/wp-symposium/server/php/index.php
- /wp-content/plugins/mac-dock-gallery/macdownload.php
- /wp-content/plugins/dzs-zoomsounds/admin/upload.php
- /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
- /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
- /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields
- /wp-content/plugins/wp-property/third-party/uploadify/uploadify.php
- /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php
- /wp-content/plugins/dzs-videogallery/admin/upload.php
- /wp-content/plugins/barclaycart/uploadify/uploadify.php
- /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php
- /wp-content/plugins/pitchprint/uploader/
- /wp-content/plugins/cnhk-slideshow/uploadify/uploadify.php
- /wp-content/plugins/custom-background/uploadify/uploadify.php
- /wp-content/plugins/asset-manager/upload.php
- /wp-content/plugins/wordpress-member-private-conversation/doupload.php
- /wp-content/plugins/flipbook/php.php
- /wp-content/plugins/wpstorecart/php/upload.php
- /wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload
- /wp-content/plugins/wp-symposium/js/uploadify/uploadify.php
- /wp-content/plugins/formcraft/file-upload/server/php/
- /wp-content/plugins/pica-photo-gallery/picaPhotosResize.php
- /wp-content/plugins/wp-copysafe-pdf/lib/uploadify/uploadify.php
- /wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/
- /wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1
- /wp-content/plugins/omni-secure-files/plupload/examples/upload.php
- /wp-content/plugins/i-dump-iphone-to-wordpress-photo-uploader/uploader.php
- /wp-content/plugins/wp-checkout/vendors/uploadify/upload.php
- /wp-content/plugins/logosware-suite-uploader/lw-suite-uploader.php
- /wp-content/plugins/viral-optins/api/uploader/file-uploader.php
- /wp-content/themes/purevision/scripts/admin/uploadify/uploadify.php
WordPress Themes
- /wp-content/themes/evolve/js/back-end/libraries/fileuploader/upload_handler.php
- /wp-content/themes/satoshi/functions/upload-handler.php
- /wp-content/themes/multimedia1/server/php/
- /wp-content/themes/betheme/muffin-options/fields/upload/field_upload.php
- /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php
- /wp-content/themes/dandelion/functions/upload-handler.php
- /wp-content/themes/highlight/lib/utils/upload-handler.php
- /wp-content/themes/dance-studio/core/libs/imperavi/tests/file_upload.php
- /wp-content/themes/ithemes2/themify/themify-ajax.php?upload=1
- /wp-content/themes/amplus/functions/upload-handler.php
- /wp-content/themes/AdvanceImage5/header.php
- /wp-content/themes/konzept/includes/uploadify/upload.php
- /wp-content/themes/RightNow/includes/uploadify/upload_settings_image.php
- /wp-content/themes/cubed_v1.2/functions/upload-handler.php
- /wp-content/themes/MoneyTheme/uploads/upload.php
- /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php
- /wp-content/themes/pinboard/themify/themify-ajax.php?upload=1
Joomla, Drupal and forum sites
- (none listed yet)
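The directory check described at the top of the article, as an added example that is not part of the original post: a Python script that scans a web root for a constructed subset of the paths listed above (entries ending in `?...` or `/` are normalised to a plain file or directory path, and the "any directory" entry is searched recursively) and reports which ones exist. The `demo()` function plants two sample files in a temporary directory purely to show the output.

```python
"""Scan a CMS web root for the suspicious file names listed in the article.
Added example, not code from the original post."""
import tempfile
from pathlib import Path

# Constructed subset of the article's list; "*" stands for "any directory".
INDICATORS = [
    "Sisi.php",
    "1ndex.php",
    "wp-config.original",
    "/plus/flink.php",
    "/*/wlwmanifest.xml",
    "/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php",
    "/wp-content/themes/pinboard/themify/themify-ajax.php?upload=1",
    "/wp-content/plugins/formcraft/file-upload/server/php/",
]


def normalise(indicator: str) -> str:
    """Drop a query string and trailing slash so each entry maps to one path."""
    path = indicator.split("?", 1)[0].rstrip("/")
    return path.lstrip("/")


def find_suspicious(webroot: str, indicators=INDICATORS) -> list:
    """Return sorted web-root-relative paths from the list that exist on disk."""
    root = Path(webroot)
    hits = set()
    for raw in indicators:
        rel = normalise(raw)
        if rel.startswith("*/"):
            # "any directory" entry: look for the file name anywhere under the root
            for p in root.rglob(rel[2:]):
                hits.add(p.relative_to(root).as_posix())
        elif (root / rel).exists():
            hits.add(rel)
    return sorted(hits)


def demo() -> list:
    """Build a constructed web root with two planted sample files and scan it."""
    tmp = Path(tempfile.mkdtemp())
    (tmp / "1ndex.php").write_text("<?php // constructed sample, not malware ?>")
    (tmp / "blog").mkdir()
    (tmp / "blog" / "wlwmanifest.xml").write_text("<manifest/>")
    return find_suspicious(str(tmp))


if __name__ == "__main__":
    for hit in demo():
        print("suspicious file found:", hit)
```

Point `find_suspicious()` at your real web root and extend `INDICATORS` with the full list above; any hit deserves a manual look at the file's contents and modification time.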