Website Hacking Techniques: A List of Dangerous Virus, Worm and Backdoor Files

If you are an IT administrator running a CMS site such as WordPress, Joomla or Drupal, a forum, or a self-hosted website, it is advisable to check your web directories regularly for unfamiliar files of unknown origin or with suspicious names.

If you find a file of unknown origin in your web root or one of its sub-directories, it is quite likely an attack tool used by black-hat hackers (also called cybercriminals), such as a virus, worm or backdoor. They may even use your site as a launching point to attack other websites.

The author previously wrote "Security Vulnerabilities: 11 WordPress Plugin and Theme Security Issues" [2], which introduces the dangers WordPress sites commonly face.

However, modern attack techniques change constantly, so this article collects the more common dangerous file names in one place and will be updated as new information appears, giving readers a reference sample when inspecting their own site directories.

List of dangerous file names

Web root directory

  • Sisi.php
  • user.php
  • seter.php
  • ivjzx.php
  • zkuhj.php
  • yt.php
  • wp-config.original
  • 1ndex.php

Web sub-directories

  • /plus/flink.php
  • /plus/moon.php
  • /plus/download.php
  • /plus/mytag_js.php
  • /admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php
  • /editor/editor/filemanager/connectors/aspx/connector.aspx
  • /assets/modules/evogallery/js/uploadify/uploadify.php
  • /modules/vtemskitter/uploadimage.php
  • /modules/verticalmegamenus/VerticalMegaMenusUploadImage.php
  • /modules/groupcategory/GroupCategoryUploadImage.php
  • /(any directory)/wlwmanifest.xml

WordPress plugins

  • /wp-content/plugins/wp-symposium/server/php/index.php
  • /wp-content/plugins/mac-dock-gallery/macdownload.php
  • /wp-content/plugins/dzs-zoomsounds/admin/upload.php
  • /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
  • /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
  • /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields
  • /wp-content/plugins/wp-property/third-party/uploadify/uploadify.php
  • /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php
  • /wp-content/plugins/dzs-videogallery/admin/upload.php
  • /wp-content/plugins/barclaycart/uploadify/uploadify.php
  • /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php
  • /wp-content/plugins/pitchprint/uploader/
  • /wp-content/plugins/cnhk-slideshow/uploadify/uploadify.php
  • /wp-content/plugins/custom-background/uploadify/uploadify.php
  • /wp-content/plugins/asset-manager/upload.php
  • /wp-content/plugins/wordpress-member-private-conversation/doupload.php
  • /wp-content/plugins/flipbook/php.php
  • /wp-content/plugins/wpstorecart/php/upload.php
  • /wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload
  • /wp-content/plugins/wp-symposium/js/uploadify/uploadify.php
  • /wp-content/plugins/formcraft/file-upload/server/php/
  • /wp-content/plugins/pica-photo-gallery/picaPhotosResize.php
  • /wp-content/plugins/wp-copysafe-pdf/lib/uploadify/uploadify.php
  • /wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/
  • /wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1
  • /wp-content/plugins/omni-secure-files/plupload/examples/upload.php
  • /wp-content/plugins/i-dump-iphone-to-wordpress-photo-uploader/uploader.php
  • /wp-content/plugins/wp-checkout/vendors/uploadify/upload.php
  • /wp-content/plugins/logosware-suite-uploader/lw-suite-uploader.php
  • /wp-content/plugins/viral-optins/api/uploader/file-uploader.php
  • /wp-content/themes/purevision/scripts/admin/uploadify/uploadify.php

WordPress themes

  • /wp-content/themes/evolve/js/back-end/libraries/fileuploader/upload_handler.php
  • /wp-content/themes/satoshi/functions/upload-handler.php
  • /wp-content/themes/multimedia1/server/php/
  • /wp-content/themes/betheme/muffin-options/fields/upload/field_upload.php
  • /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php
  • /wp-content/themes/dandelion/functions/upload-handler.php
  • /wp-content/themes/highlight/lib/utils/upload-handler.php
  • /wp-content/themes/dance-studio/core/libs/imperavi/tests/file_upload.php
  • /wp-content/themes/ithemes2/themify/themify-ajax.php?upload=1
  • /wp-content/themes/amplus/functions/upload-handler.php
  • /wp-content/themes/AdvanceImage5/header.php
  • /wp-content/themes/konzept/includes/uploadify/upload.php
  • /wp-content/themes/RightNow/includes/uploadify/upload_settings_image.php
  • /wp-content/themes/cubed_v1.2/functions/upload-handler.php
  • /wp-content/themes/MoneyTheme/uploads/upload.php
  • /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php
  • /wp-content/themes/pinboard/themify/themify-ajax.php?upload=1

Joomla, Drupal and forum sites

  • empty
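The lists above are meant to be checked against a live web root, so here is a small scanner that does exactly that. It is an added example and not code from the original article: the indicator names are taken from the page's lists (a subset of the plugin and theme paths is shown; extend the list freely), while the web root, the constructed sample tree and the report format are assumptions. Entries that carry a query string (`?upload=1`) or a trailing slash are URL forms rather than file names, so they are normalised before being looked up on disk. The scanner only reports; many of the plugin and theme entries are upload handlers shipped by the component itself, so a hit there means a known-risky component is installed and should be updated or removed, not that a file was necessarily planted. Likewise older WordPress releases ship a legitimate copy of `wlwmanifest.xml` under `wp-includes/`, so every hit deserves a look (compare against a clean install) rather than automatic deletion.

```python
"""Scan a web root for the suspicious file names listed on this page.

Added example, not part of the original article. Indicator names come from the
page; the web root, the constructed sample tree and the output format are assumptions.
"""
import os
import tempfile
from pathlib import Path

# Names the page lists directly under the web root.
ROOT_NAMES = [
    "Sisi.php", "user.php", "seter.php", "ivjzx.php",
    "zkuhj.php", "yt.php", "wp-config.original", "1ndex.php",
]

# Relative paths the page lists under sub-directories, plugins and themes
# (subset shown; add the remaining entries from the lists above as needed).
RELATIVE_PATHS = [
    "/plus/flink.php",
    "/plus/moon.php",
    "/plus/download.php",
    "/plus/mytag_js.php",
    "/admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php",
    "/wp-content/plugins/wp-symposium/server/php/index.php",
    "/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php",
    "/wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload",
    "/wp-content/plugins/formcraft/file-upload/server/php/",
    "/wp-content/themes/satoshi/functions/upload-handler.php",
    "/wp-content/themes/pinboard/themify/themify-ajax.php?upload=1",
]

# Names the page flags regardless of the directory they sit in.
ANYWHERE_NAMES = ["wlwmanifest.xml"]


def normalise(entry):
    """Turn a list entry into a path relative to the web root.

    Query strings (``?upload=1``) and leading/trailing slashes are URL artefacts,
    not part of the on-disk file name, so they are stripped.
    """
    return entry.split("?", 1)[0].strip("/")


def scan_webroot(webroot):
    """Return a sorted list of (indicator kind, relative path) for every hit under webroot.

    Lookups are exact and case-sensitive, matching how most Linux web servers
    resolve paths; a hit is a reason to inspect the file, not proof of compromise.
    """
    root = Path(webroot)
    hits = set()
    for name in ROOT_NAMES:
        if (root / name).is_file():
            hits.add(("root-name", name))
    for entry in RELATIVE_PATHS:
        rel = normalise(entry)
        # exists() covers both files and the directory-style entries in the list
        if (root / rel).exists():
            hits.add(("known-path", rel))
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname in ANYWHERE_NAMES:
                rel = os.path.relpath(os.path.join(dirpath, fname), root)
                hits.add(("anywhere-name", rel.replace(os.sep, "/")))
    return sorted(hits)


def build_sample_webroot():
    """Constructed sample tree for demonstration: one clean file plus three planted indicators."""
    root = Path(tempfile.mkdtemp(prefix="webroot-"))
    (root / "index.php").write_text("<?php // legitimate front controller\n")
    (root / "1ndex.php").write_text("<?php // look-alike name from the page's root list\n")
    (root / "plus").mkdir()
    (root / "plus" / "moon.php").write_text("<?php // planted under a listed sub-directory path\n")
    (root / "wp-content" / "uploads" / "2023").mkdir(parents=True)
    (root / "wp-content" / "uploads" / "2023" / "wlwmanifest.xml").write_text("<manifest/>\n")
    return str(root)


if __name__ == "__main__":
    sample = build_sample_webroot()
    for kind, path in scan_webroot(sample):
        print(f"[{kind}] {path}")
```

Run it against a real site with `scan_webroot("/var/www/html")` (path assumed) from a cron job and diff the output against the previous run; a new hit, or a listed upload handler that reappears after you removed the plugin, is the signal worth acting on.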

References

  1. Checking the WordPress root directory for unknown wp-config.??? files | Network security vulnerabilities
  2. Security Vulnerabilities: 11 WordPress Plugin and Theme Security Issues


1 comment on "Website Hacking Techniques: A List of Dangerous Virus, Worm and Backdoor Files"

  1. I am sure this post has touched all the internet users, it's a really, really good article on building up a new webpage.