平淡人生

静待花开,花开常有香相伴;倾听流水,流水总有乐相陪;有缘清风携舟涉碧水,无缘细雨伴君独自行。

利用Linux命令find查找PHP木马

Linux本身相对Win来讲安全点,因为好多人不会命令,这就是优点啊!但网站现在开源的这么多,所以漏洞也相对较多,一不小心网站被上传木马也是常有的事情。
收集和整理了一下利用find命令来查找一下是否网站被种木马了,无非是根据木马的特征代码来配对。

find ./ -name "*.php" |xargs egrep "phpspy|c99sh|milw0rm|eval\(gunerpress|eval\(base64_decode|spider_bc"> /tmp/php.txt

grep -r –include=*.php  '[^a-z]eval($_POST' . > /tmp/eval.txt

grep -r –include=*.php  'file_put_contents(.*$_POST\[.*\]);' . > /tmp/file_put_contents.txt

find ./ -name "*.php" -type f -print0 | xargs -0 egrep "(phpspy|c99sh|milw0rm|eval\(gzuncompress\(base64_decode|eval\(base64_decode|spider_bc|gzinflate)" | awk -F: '{print $1}' | sort | uniq

查找最近一天被修改的PHP文件

find -mtime -1 -type f -name \*.php

修改网站php文件权限,只读

find -type f -name \*.php -exec chmod 444 {} \;

修改网站目录权限

find ./ -type d -exec chmod 555{} \;

php编译中遇到error解决办法![转]

在编译php的过程中,经常会出现一些错误信息,网络上搜索了一下还是比较有用的,收藏一下!

1) Configure: error: xml2-config not found. Please check your libxml2 installation.
Solutions :
Quote:
#yum install libxml2 libxml2-devel (For Redhat & Fedora)
# aptitude install libxml2-dev      (For ubuntu)

2) Checking for pkg-config… /usr/bin/pkg-config 
configure: error: Cannot find OpenSSL’s <evp.h>
Solutions :
Quote:
#yum install openssl openssl-devel

3) Configure: error: Please reinstall the BZip2 distribution
Solutions :
Quote:
# yum install bzip2 bzip2-devel

4) Configure: error: Please reinstall the libcurl distribution - 
easy.h should be in <curl-dir>/include/curl/
Solutions :
Quote:
# yum install curl curl-devel   (For Redhat & Fedora)
# install libcurl4-gnutls-dev    (For Ubuntu) 

5) Configure: error: libjpeg.(also) not found.
Solutions :
Quote:
# yum install libjpeg libjpeg-devel

6) Configure: error: libpng.(also) not found.
Solutions :
Quote:
# yum install libpng libpng-devel

7) Configure: error: freetype.h not found. 
Solutions :
Quote:
#yum install freetype-devel

8) Configure: error: Unable to locate gmp.h
Solutions :
Quote:
# yum install gmp-devel

9) Configure: error: Cannot find MySQL header files under /usr. 
Note that the MySQL client library is not bundled anymore!
Solutions :
Quote:
# yum install mysql-devel            (For Redhat & Fedora)
# apt-get install libmysql++-dev      (For Ubuntu) 

10) Configure: error: Please reinstall the ncurses distribution
Solutions :
Quote:
# yum install ncurses ncurses-devel

11) Checking for unixODBC support… configure: error: ODBC header file ‘/usr/include/sqlext.h’ not found!
Solutions :
Quote:
# yum install unixODBC-devel

12) Configure: error: Cannot find pspell
Solutions :
Quote:
# yum install pspell-devel

13) configure: error: mcrypt.h not found. Please reinstall libmcrypt.
Solutions :
Quote:
# yum install libmcrypt libmcrypt-devel    (For Redhat & Fedora)
# apt-get install libmcrypt-dev 

14) Configure: error: snmp.h not found. Check your SNMP installation.
Solutions :
Quote:
# yum install net-snmp net-snmp-devel

15)configure: error: Please reinstall libmhash – I cannot find mhash.h
#yum install mhash-devel

Nginx 301重定向配置方法

有时候顶级域名不想使用,只想用www域名,那么需要做301重定向,在Nginx下的方法有以下两种我较常用的方法:

第一种方式建立一个kiccleaf.com.conf文件输入以下内容

server {
    listen 80;
    server_name  kiccleaf.com;
    location / {
            rewrite ^(.*) http://www.kiccleaf.com$1 permanent;
    }
}

第二种方式在原有的www.kiccleaf.com.conf文件里添加至server_name下一行(我个人一般采用这种方式,比较方便在一个配置文件中就可以解决了。)

server{
   listen 80;
   server_name www.kiccleaf.com kiccleaf.com ;
   if ($host != 'www.kiccleaf.com' ){
      rewrite ^/(.*)$ http://www.kiccleaf.com/$1 permanent;
   }
  ...
}

python实现FTP简单上传下载文件【转】

参考了脚本,Python编写上传下载还是很方便的,搜索了一下资料找到了一哥们的参考例子,转来先!
维护服务器的朋友都很清楚,经常需要备份上传下载到其他服务器,所以人去做就很费时间,改用编写脚本每天凌晨夜深人静的时候让它自己跑去!
Win的写法是采用BAT文件来实现,Linux和FreeBSD下可以采用Shell命令,但发现Python更强大!以下是转来的列子:


#!/usr/bin/env python 
# -*- coding: utf-8 -*- 
 
from ftplib import FTP 
 
def ftp_up(filename = "20120904.rar"): 
    ftp=FTP() 
    ftp.set_debuglevel(2)#打开调试级别2,显示详细信息;0为关闭调试信息 
    ftp.connect('192.168.0.1','21')#连接 
    ftp.login('admin','admin')#登录,如果匿名登录则用空串代替即可 
    #print ftp.getwelcome()#显示ftp服务器欢迎信息 
    #ftp.cwd('xxx/xxx/') #选择操作目录 
    bufsize = 1024#设置缓冲块大小 
    file_handler = open(filename,'rb')#以读模式在本地打开文件 
    ftp.storbinary('STOR %s' % os.path.basename(filename),file_handler,bufsize)#上传文件 
    ftp.set_debuglevel(0) 
    file_handler.close() 
    ftp.quit() 
    print "ftp up OK" 
 
def ftp_down(filename = "20120904.rar"): 
    ftp=FTP() 
    ftp.set_debuglevel(2) 
    ftp.connect('192.168.0.1','21') 
    ftp.login('admin','admin') 
    #print ftp.getwelcome()#显示ftp服务器欢迎信息 
    #ftp.cwd('xxx/xxx/') #选择操作目录 
    bufsize = 1024 
    filename = "20120904.rar" 
    file_handler = open(filename,'wb').write #以写模式在本地打开文件 
    ftp.retrbinary('RETR %s' % os.path.basename(filename),file_handler,bufsize)#接收服务器上文件并写入本地文件 
    ftp.set_debuglevel(0) 
    file_handler.close() 
    ftp.quit() 
    print "ftp down OK" 

转自:http://wangwei007.blog.51cto.com/68019/983638


Python检测服务器硬盘使用情况【转】

此脚本主要用于zabbix监控系统硬盘只用,适用于windows和linux系统,返回值为0为正常,有几个分区的硬盘剩余少于10G或低于10%就为报警阀值(windows的C盘和linux的根分区除外)

#!/bin/env python 
# -*- coding: utf-8 -*- 
########################################################## 
# @This script is used to check disk free space for zabbix 
# @Contact:      [email protected] 
# @Name:         disk.py 
# @Function:     check disk free space for zabbix 
# @Author:       wangwei 
########################################################## 
import platform 
import commands 
 
def w_disk(): 
    import wmi 
    c = wmi.WMI () 
    i = 0 
    for disk in c.Win32_LogicalDisk (DriveType=3): 
        a = int(disk.FreeSpace) / (1024*1024*1024) 
        b = int(100.0 * long (disk.FreeSpace) / long (disk.Size)) 
        if disk.Caption == "C:": 
            if (a < 2) or (b < 10): 
                i += 1 
            else: 
                i += 0 
        else: 
            if (a < 10) or (b < 10): 
                i += 1 
            else: 
                i += 0 
    print i 
 
def L_disk(): 
    free = commands.getstatusoutput('df -h|grep dev|egrep -v "tmp|var|shm"') 
    list = free[1].split('\n') 
    i = 0 
    for disk in range(len(list)): 
        vd = list[disk][6:8] 
        a = list[disk].split()[3] 
        if a[-1] == 'T': 
            a = int(float(a[:-1]))*1024 
        else: 
            a = int(float(a[:-1])) 
        b = 100 - int(list[disk].split()[4][:-1]) 
        if vd == "da": 
            if (a < 2) or (b < 10): 
                i += 1 
            else: 
                i += 0 
        else: 
            if (a < 10) or (b < 10): 
                i += 1 
            else: 
                i += 0 
    print i 
 
if __name__ == "__main__": 
    os = platform.system() 
    if os == "Windows": 
        w_disk() 
    elif os == "Linux": 
        L_disk() 

转自:http://wangwei007.blog.51cto.com/68019/741081


python写的简单发送邮件的脚本【转】

近来有些东西需要监控报警发邮件,然后在网上找了点材料,自己写了一个简单发送邮件的脚本,主要就是运用python的smtplib模块,分享给大家看一下:

#!/usr/bin/env python 
# -*- coding: utf-8 -*- 
#导入smtplib和MIMEText 
import smtplib,sys 
from email.mime.text import MIMEText 
 
def send_mail(sub,content): 
    ############# 
    #要发给谁,这里发给1个人 
    mailto_list=["[email protected]"] 
    ##################### 
    #设置服务器,用户名、口令以及邮箱的后缀 
    mail_host="mail.gyyx.cn" 
    mail_user="[email protected]" 
    mail_pass="123456677890" 
    mail_postfix="gyyx.cn" 
    ###################### 
    ''''' 
    to_list:发给谁 
    sub:主题 
    content:内容 
    send_mail("[email protected]","sub","content") 
    ''' 
    me=mail_user+"<"+mail_user+"@"+mail_postfix+">" 
    msg = MIMEText(content,_charset='gbk') 
    msg['Subject'] = sub 
    msg['From'] = me 
    msg['To'] = ";".join(mailto_list) 
    try: 
        s = smtplib.SMTP() 
        s.connect(mail_host) 
        s.login(mail_user,mail_pass) 
        s.sendmail(me, mailto_list, msg.as_string()) 
        s.close() 
        return True 
    except Exception, e: 
        print str(e) 
        return False 
if __name__ == '__main__': 
    if send_mail(u'这是python测试邮件',u'python发送邮件'): 
        print u'发送成功' 
    else: 
        print u'发送失败' 

转自:http://wangwei007.blog.51cto.com/68019/978743


Python 字符串操作【转】

Python 字符串操作(string替换、删除、截取、复制、连接、比较、查找、包含、大小写转换、分割等)


去空格及特殊符号  
s.strip() .lstrip() .rstrip(',')   
 
复制字符串  
#strcpy(sStr1,sStr)   
sStr= 'strcpy'   
sStr = sStr  
sStr= 'strcpy'   
print sStr   
 
连接字符串  
#strcat(sStr1,sStr)   
sStr= 'strcat'   
sStr = 'append'   
sStr+= sStr   
print sStr  
 
查找字符  
#strchr(sStr1,sStr)   
sStr= 'strchr'   
sStr = 's'   
nPos = sStr1.index(sStr)   
print nPos   
 
比较字符串  
#strcmp(sStr1,sStr)   
sStr= 'strchr'   
sStr = 'strch'   
print cmp(sStr1,sStr)  
 
扫描字符串是否包含指定的字符  
#strspn(sStr1,sStr)   
sStr= '1345678'   
sStr = '456'   
#sStrand chars both in sStrand sStr   
print len(sStrand sStr)  
 
字符串长度  
#strlen(sStr1)   
sStr= 'strlen'   
print len(sStr1)   
 
将字符串中的大小写转换  
#strlwr(sStr1)   
sStr= 'JCstrlwr'   
sStr= sStr1.upper()   
#sStr= sStr1.lower()   
print sStr  
 
追加指定长度的字符串  
#strncat(sStr1,sStr,n)   
sStr= '1345'   
sStr = 'abcdef'   
n = 3 
sStr+= sStr[0:n]   
print sStr  
 
字符串指定长度比较  
#strncmp(sStr1,sStr,n)   
sStr= '1345'   
sStr = '13bc'   
n = 3 
print cmp(sStr1[0:n],sStr[0:n])   
 
复制指定长度的字符  
#strncpy(sStr1,sStr,n)   
sStr= ''   
sStr = '1345'   
n = 3 
sStr= sStr[0:n]   
print sStr  
 
将字符串前n个字符替换为指定的字符  
#strnset(sStr1,ch,n)   
sStr= '1345'   
ch = 'r'   
n = 3 
sStr= n * ch + sStr1[3:]   
print sStr  
 
扫描字符串  
#strpbrk(sStr1,sStr)   
sStr= 'cekjgdklab'   
sStr = 'gka'   
nPos = -1 
for c in sStr1:   
     if c in sStr:   
         nPos = sStr1.index(c)   
         break   
print nPos   
 
翻转字符串  
#strrev(sStr1)   
sStr= 'abcdefg'   
sStr= sStr1[::-1]   
print sStr  
 
查找字符串  
#strstr(sStr1,sStr)   
sStr= 'abcdefg'   
sStr = 'cde'   
print sStr1.find(sStr)   
 
分割字符串  
#strtok(sStr1,sStr)   
sStr= 'ab,cde,fgh,ijk'   
sStr = ','   
sStr= sStr1[sStr1.find(sStr) + 1:]   
print sStr  
 或者   
s = 'ab,cde,fgh,ijk'   
print(s.split(','))   
 
连接字符串  
delimiter = ','   
mylist = ['Brazil', 'Russia', 'India', 'China']   
print delimiter.join(mylist)   
PHP 中 addslashes 的实现  
def addslashes(s):   
     d = {'"':'\\"', "'":"\\'", "\0":"\\\0", "\\":"\\\\"}   
    return ''.join(d.get(c, c) for c in s)   
s = "John 'Johny' Doe (a.k.a. \"Super Joe\")\\\0"   
print s   
print addslashes(s)   
 
只显示字母与数字  
def OnlyCharNum(s,oth=''):   
     s = s.lower();   
    fomart = 'abcdefghijklmnopqrstuvwxyz013456789'   
    for c in s:   
        if not c in fomart:   
             s = s.replace(c,'');   
     return s;   
print(OnlyStr("a000 aa-b")) 

转自:http://wangwei007.blog.51cto.com/68019/903426


Python OS 文件操作模块常用函数【转】

我们经常会与文件和目录打交道,对于这些操作python提供了一个os模块,里面包含了很多操作文件和目录的函数。全部函数可以用help(os)或是dir(os)查看其用法。
常用的函数如下:

重命名:os.rename(old, new)
删除:os.remove(file)
列出目录下的文件 :os.listdir(path)
获取当前工作目录:os.getcwd()
改变工作目录:os.chdir(newdir)
创建多级目录:os.makedirs(r"c:\python \test")
创建单个目录:os.mkdir("test")
删除多个目录:os.removedirs(r"c:\python") #删除所给路径最后一个目录下所有空目录。
删除单个目录:os.rmdir("test")
获取文件属性:os.stat(file)
修改文件权限与时间戳:os.chmod(file)
执行操作系统命令:os.system("dir")
启动新进程:os.exec(), os.execvp()
在后台执行程序:osspawnv()
终止当前进程:os.exit(), os._exit()
分离文件名:os.path.split(r"c:\python\hello.py") --> ("c:\\python", "hello.py")
分离扩展名:os.path.splitext(r"c:\python\hello.py") --> ("c:\\python\\hello", ".py")
获取路径名:os.path.dirname(r"c:\python\hello.py") --> "c:\\python"
获取文件名:os.path.basename(r"r:\python\hello.py") --> "hello.py"
判断文件或目录是否存在:os.path.exists(r"c:\python\hello.py") --> True
判断是否是绝对路径:os.path.isabs(r".\python\") --> False
判断是否是目录:os.path.isdir(r"c:\python") --> True
判断是否是文件:os.path.isfile(r"c:\python\hello.py") --> True
判断是否是链接文件:os.path.islink(r"c:\python\hello.py") --> False
获取文件大小:os.path.getsize(filename)
搜索目录下的所有文件:os.path.walk()

转自:http://wangwei007.blog.51cto.com/68019/1217082


破解Linux系统Root密码

看到开机画面
1
开机进入如下画面时 ,按下任意键
2
按下e
3
选中上图所示第二项,按下e进入如下画面
4
输入single 或1 ,(没有r)
5
进入下图,按下b
6
出现如下画面时,输入 passwd root
7
进入下面画面,即可输入新密码.
8


JBoss7配置局域网公网可访问

默认情况下只允许本地访问JBOSS,为了能让局域网其他同事访问或是公网能访问,可以简单做以下配置即可实现访问。

1.打开D:\jboss\standalone\configuration下standalone.xml文件
找到

    <interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:127.0.0.1}"/>
        </interface>
        <!-- TODO - only show this if the jacorb subsystem is added  -->
        <interface name="unsecure">
            <!--
              ~  Used for IIOP sockets in the standard configuration.
              ~                  To secure JacORB you need to setup SSL 
              -->
            <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
        </interface>
    </interfaces>

在interfaces添加中添加

		<interface name="any">
		<any-ipv4-address/>
		</interface>

成为:

    <interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:127.0.0.1}"/>
        </interface>
        <!-- TODO - only show this if the jacorb subsystem is added  -->
        <interface name="unsecure">
            <!--
              ~  Used for IIOP sockets in the standard configuration.
              ~                  To secure JacORB you need to setup SSL 
              -->
            <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
        </interface>
		<interface name="any">
		<any-ipv4-address/>
		</interface>
    </interfaces>

第二步:找到

<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

修改default-interface=”public”中的public为any
如下代码所示:

<socket-binding-group name="standard-sockets" default-interface="any" port-offset="${jboss.socket.binding.port-offset:0}">

第三步:双击D:\jboss\bin下的standalone.bat文件,然后在浏览器中输入局域网IP:8080进行访问是否成功。
jboss7-2