关于AES加密的算法我们就不说了,这里主要给各位演示了三个关于AES算法实现的加密例子,希望本文章能给你带来帮助。
话不多说,先放上代码,一共有两个文件:AES.php(aes算法类文件)和aesDemo.php(应用实例文件),这里只贴出aesDemo.php,其他的看附件吧!
aesDemo.php:
例子,
代码如下 |
复制代码 |
<?php
require_once('./AES.php');
//$aes = new AES();
$aes = new AES(true);// 把加密后的字符串按十六进制进行存储
//$aes = new AES(true,true);// 带有调试信息且加密字符串按十六进制存储
$key = "this is a 32 byte key";// 密钥
$keys = $aes->makeKey($key);
$encode = "123456";// 被加密的字符串
$ct = $aes->encryptString($encode, $keys);
echo "encode = ".$ct."<br>";
$cpt = $aes->decryptString($ct, $keys);
echo "decode = ".$cpt;
?>
|
例子、AES加密类
代码如下 |
复制代码 |
<?php
//php aes加密类
class AESMcrypt {
public $iv = null;
public $key = null;
public $bit = 128;
private $cipher;
public function __construct($bit, $key, $iv, $mode) {
if(empty($bit) || empty($key) || empty($iv) || empty($mode))
return NULL;
$this->bit = $bit;
$this->key = $key;
$this->iv = $iv;
$this->mode = $mode;
switch($this->bit) {
case 192:$this->cipher = MCRYPT_RIJNDAEL_192; break;
case 256:$this->cipher = MCRYPT_RIJNDAEL_256; break;
default: $this->cipher = MCRYPT_RIJNDAEL_128;
} // www.111cn.net
switch($this->mode) {
case 'ecb':$this->mode = MCRYPT_MODE_ECB; break;
case 'cfb':$this->mode = MCRYPT_MODE_CFB; break;
case 'ofb':$this->mode = MCRYPT_MODE_OFB; break;
case 'nofb':$this->mode = MCRYPT_MODE_NOFB; break;
default: $this->mode = MCRYPT_MODE_CBC;
}
}
public function encrypt($data) {
$data = base64_encode(mcrypt_encrypt( $this->cipher, $this->key, $data, $this->mode, $this->iv));
return $data;
}
public function decrypt($data) {
$data = mcrypt_decrypt( $this->cipher, $this->key, base64_decode($data), $this->mode, $this->iv);
$data = rtrim(rtrim($data), "..");
return $data;
}
}
//使用方法
$aes = new AESMcrypt($bit = 128, $key = 'abcdef1234567890', $iv = '0987654321fedcba', $mode = 'cbc');
$c = $aes->encrypt('haowei.me');
var_dump($aes->decrypt($c));
|
例子、附一个可加密可解密类
代码如下 |
复制代码 |
<?PHP
/**
* AES加密、解密类
* @author hushangming
*
* 用法:
* <pre>
* // 实例化类
* // 参数$_bit:格式,支持256、192、128,默认为128字节的
* // 参数$_type:加密/解密方式,支持cfb、cbc、nofb、ofb、stream、ecb,默认为ecb
* // 参数$_key:密钥,默认为abcdefghijuklmno
* $tcaes = new TCAES();
* $string = 'laohu';
* // 加密
* $encodeString = $tcaes->encode($string);
* // 解密
* $decodeString = $tcaes->decode($encodeString);
* </pre>
*/
class TCAES{
private $_bit = MCRYPT_RIJNDAEL_256;
private $_type = MCRYPT_MODE_CBC;
//private $_key = 'abcdefghijuklmno0123456789012345';
private $_key = 'abcdefghijuklmno'; // 密钥
private $_use_base64 = true;
private $_iv_size = null;
private $_iv = null;
/**
* @param string $_key 密钥
* @param int $_bit 默认使用128字节
* @param string $_type 加密解密方式
* @param boolean $_use_base64 默认使用base64二次加密
*/
public function __construct($_key = '', $_bit = 128, $_type = 'ecb', $_use_base64 = true){
// 加密字节
if(192 === $_bit){
$this->_bit = MCRYPT_RIJNDAEL_192;
}elseif(128 === $_bit){
$this->_bit = MCRYPT_RIJNDAEL_128;
}else{
$this->_bit = MCRYPT_RIJNDAEL_256;
}
// 加密方法
if('cfb' === $_type){
$this->_type = MCRYPT_MODE_CFB;
}elseif('cbc' === $_type){
$this->_type = MCRYPT_MODE_CBC;
}elseif('nofb' === $_type){
$this->_type = MCRYPT_MODE_NOFB;
}elseif('ofb' === $_type){
$this->_type = MCRYPT_MODE_OFB;
}elseif('stream' === $_type){
$this->_type = MCRYPT_MODE_STREAM;
}else{
$this->_type = MCRYPT_MODE_ECB;
}
// 密钥
if(!empty($_key)){
$this->_key = $_key;
}
// 是否使用base64
$this->_use_base64 = $_use_base64;
$this->_iv_size = mcrypt_get_iv_size($this->_bit, $this->_type);
$this->_iv = mcrypt_create_iv($this->_iv_size, MCRYPT_RAND);
}
/**
* 加密
* @param string $string 待加密字符串
* @return string
*/
public function encode($string){
if(MCRYPT_MODE_ECB === $this->_type){
$encodeString = mcrypt_encrypt($this->_bit, $this->_key, $string, $this->_type);
}else{
$encodeString = mcrypt_encrypt($this->_bit, $this->_key, $string, $this->_type, $this->_iv);
}
if($this->_use_base64)
$encodeString = base64_encode($encodeString);
return $encodeString;
}
/**
* 解密
* @param string $string 待解密字符串
* @return string
*/
public function decode($string){
if($this->_use_base64)
$string = base64_decode($string);
$string = $this->toHexString($string);
if(MCRYPT_MODE_ECB === $this->_type){
$decodeString = mcrypt_decrypt($this->_bit, $this->_key, $string, $this->_type);
}else{
$decodeString = mcrypt_decrypt($this->_bit, $this->_key, $string, $this->_type, $this->_iv);
}
return $decodeString;
}
/**
* 将$string转换成十六进制
* @param string $string
* @return stream
*/
private function toHexString ($string){
$buf = "";
for ($i = 0; $i < strlen($string); $i++){
$val = dechex(ord($string{$i}));
if(strlen($val)< 2)
$val = "0".$val;
$buf .= $val;
}
return $buf;
}
/**
* 将十六进制流$string转换成字符串
* @param stream $string
* @return string
*/
private function fromHexString($string){
$buf = "";
for($i = 0; $i < strlen($string); $i += 2){
$val = chr(hexdec(substr($string, $i, 2)));
$buf .= $val;
}
return $buf;
}
}
|
下面来给大家分享两个关于php威盾解密的例子,一个是批量解密一个是超级算法的解密都非常的好,大家有举的进入参考。
例子,批量解密
代码如下 |
复制代码 |
<?php
/***********************************
*威盾PHP加密专家解密算法 By:zhrt
*http://www.111cn.Net
*2013.12.31
*把该程序放到网站程序的目录下,即可针对文件所在目录及子目录的文件进行破解,源加密文件被更改名为.bak.php.
***********************************/
//decode("Image.class.php");
function explorerdir($dir)
{
$dp=opendir($dir); //打开目录句柄
//echo " ".$dir."rn"; //输出目录
while ($file = readdir($dp)) //遍历目录
{
if ($file !='.'&&$file !='..') //如果文件不是当前目录及父目录
{
$path=$dir.DIRECTORY_SEPARATOR.$file; //获取路径
if(is_dir($path)) //如果当前文件为目录
{
explorerdir($path); //递归调用
}
else //如果不是目录
{
//echo "-".$path."n"; //输出文件名
echo decode($path);
}
}
}
closedir($dp); //关闭文件名柄
}
explorerdir("."); //调用当前目录
function decode($filename="")
{
if(pathinfo($filename, PATHINFO_EXTENSION)!="php" || strpos($filename,".bak.php") || realpath($filename) == __FILE__ ){return;}
//$filename="intro.class.php";//要解密的文件
if(!file_exists($filename))
{
exit("file is not exist;");
}
$lines = file($filename);//0,1,2行
//第一次base64解密
$content="";
if(preg_match("/O0O0000O0('.*')/",$lines[1],$y))
{
$content=str_replace("O0O0000O0('","",$y[0]);
$content=str_replace("')","",$content);
$content=base64_decode($content);
}
else
{
weidun_log(false,realpath($filename)." is not Encrypted!");
return false;
}
//第一次base64解密后的内容中查找密钥
$decode_key="";
if(preg_match("/),'.*',/",$content,$k))
{
$decode_key=str_replace("),'","",$k[0]);
$decode_key=str_replace("',","",$decode_key);
}
//查找要截取字符串长度
$str_length="";
if(preg_match("/,d*),/",$content,$k))
{
$str_length=str_replace("),","",$k[0]);
$str_length=str_replace(",","",$str_length);
}
//截取文件加密后的密文
$Secret=substr($lines[2],$str_length);
//echo $Secret;
//直接还原密文输出
echo "<!-- <?phpn".base64_decode(strtr($Secret,$decode_key,'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'))."?> -->"; //很奇怪,去掉这行,下面的代码就出现问题,可能跟编码有关,在这里我就暂时不做进一步分析了,注视掉避免界面缭乱。
//echo "解密中....<br>";
$filecontent = "<?phpn".base64_decode(strtr($Secret,$decode_key,'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'))."?>";
//echo $filecontent;
$filenamebak = str_replace(".php",".bak.php",$filename);
if(!file_exists($filenamebak)){
if(rename($filename,$filenamebak))
{
if(!file_exists($filename) && file_exists($filenamebak))//文件被更改成功
{
$fp = fopen($filename,"w");
fwrite($fp,$filecontent);
fclose($fp);
}
}
}else{
//return("备份文件".$filenamebak."已存在,停止解密。");
weidun_log(false,realpath($filenamebak)." is exist!");
return false;
}
weidun_log(true,realpath($filename)." - successful!");
return $filename." - successful! n";
}
function weidun_log($s = true,$c ="")
{
if($s)
{
$fp = fopen("./log.txt","a+");
fwrite($fp,$c."n");
fclose($fp);
}
else
{
$fp = fopen("./log_error.txt","a+");
fwrite($fp,$c."n");
fclose($fp);
}
}
?>
|
例子,一个强人的加密做法
代码如下 |
复制代码 |
<?php
function pass($str){
Return htmlspecialchars(base64_decode(strtr($str, 'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));
}
echo nl2br(pass('kr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXPkr9NTzEXHenNHtILT08XT08XHr8XhtONTznNTzEXHr8Pkr8XHenNHr8XHtXLT08XHr8XHeEXhUXmOB50cbk5d3a3D2iUUylRTlfNaaOnCAkJW2YrcrcMO2fkDApQToxYdanXAbyTF1c2BuiDGjExHjH0YTC3KeLqRz0mRtfnWLYrOAcuUrlhU0xYTL9WAakTayaBa1icBMyJC2OlcMfPDBpqdo1Vd3nxFmY0fbc3Gul6HerZHzW1YjF4KUSvkZLphUL7cMYSd3YlhtONHeEXTznNHeEpK2a2CBXPkr9NHenNHenNHtL7eWPicoaMDB5lctImUA5gTaLmhUEMkMa4DbWPk0yjC2azFZnrcB5pcBWmhTSYtMYSCbYzwoivfoaSwoa4foaVcuHITB9LcBXIGX0hFukpfMy0cUELfoyJdoaXFMA7eWpXfBkSDBHIcMlVCBXIcmaVC3Opd24Ib19jd25zfuk1C3WPhUn7eWpmdo9JCBXIkr15Orw7eWPLfoipFZ0+foyJdoaXFMAINUELTblrWlSmcokXFMaMDbImbTSYtJO0DolzRT5jd25VcBY0htL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0UB5MdZILDBWpwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2cpFmY0htkTOAxyW1WICoiIRJPSCoYvCt5IdMyscBEIWaHICoYvfMaZTMyscBESCoxIRMnVCB1lCtnnAZnIdoa2cBxKCB1lCtxIdoEVCunpC3O1FMaIwryTwonScbcldynpC3O1FMaIRoniCt5IdMyscBEIWaHICoyZcByKCB1lCtxICBEVCoYpfulkcoESCoY0Ct5IdMyscBEIWaHICoYpfulKCB1lCtxIC3OIRMnXFM92DB5jcAlLCtxIFucIRMnVCB1lCtnnAZnIFukvfMlVC2aKCB1lCtxIdo1IRMnVCB1lCtnnAZnIdoyVco1iFMsKCB1lCtxIF2yIRMnVCB1lCtnnAZnIF2ivFoyZcByKCB1lCtxkOL5aTrXPCoYIRMnjd21scB50TmasCtXXhUnnAZnIC29sdBaVfr51dBESW0akTrlKOZikOL5aTrXPCuYIRMnzCbOpF2ciC3Opd25IRerXHtLpwryTwonzCbOpF2ciC3Opd25IRrYNaA5AhonXCt5IDBOIhUnnAZnIFoivfo9KfB1IRonjCbOlc29ZGBEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1ScbcldoEICoxIwr9KwonPCt5Idoa2cBxkcoE9CoxIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgByZcByIwoniCtnNTJnIDoEVCoyZcBykcoE9CoyIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBYpfulIwonjfoEIT04ICoyIRMnjDbO5UBOINBnjfoEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FukvfMlVC2aIwonXfMEIT04ICoY0Ct5IFukvfMlVC2akcoE9Cun2Ct5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1SCB5LdByZD2EICoxsCtnNTJnIDoEVCoxidMOsCbkqUBOINBnSdBEVColLCtnnTLWICoxsCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoxsCt5IDbYLcBxINTEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbYPd3niFMaiCtnIF2yIwr9KwonPCt5IF2ivFoyZcBykcoE9CuYiCt5IDBOIwryKOtnIF2yIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIF2yIRMnpF2OldoE9HtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtnnAZnIDo90cBxkcoESW09aTlWPCoYIRMnpcoEpwryTwonjd21scB50TmasCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonjCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIC2EVCoivfoaSUBOINBnPCt5IDBOIwyfwOakywonjCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoYIRMnpF2OldoE9HtnuAL9aAtntBUnIDoEVColLCtLICoYIwr9KwonPCt5IDBOINBnjCt5IDo90cBxkcoEITraoatnhT0lKwtiTOAxyW1WICoiIRMnpcoEIWaHICoivfoaSUBOIRtieT1aKatiIc29vcoEVColLCtLqW09aTlWPCo1lcol1dBEVColLCtLQHt41hU8PW09aTlWPCofvd2OIRMnpcoEph0YNaA5AhonscBOpfB1IRMnpcoEph0YNaA5AhonJCBOIRMnpcoEphUPxHeEIWaHICuYifolzcMyjfolvdMEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnIc29vcoEIT04ICoiIRMnpcoE9Cofvd2OIRMnPd3OldrlLCtnnTLWICofvd2OIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIc29vcoEVColzcoaSCe0XwryKOtnIc29vcoEVCuYjd3klCe0m5DB96h+rkZnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9C29sdBaVfoEICo1lcol1dBEIT04ICoiIRMnpcoE9Co1lcol1dBEVCoivfoaSUBOIwryKOtnIdBaLDbasCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICo1lcol1dBEVColzcoaSCe0XwryKOtnIdBaLDbasCt5IF2YvFMaINUgLVh3Pq4WmwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnICMyLCtnNTJnIDoEVColLCe1ICMyLCt5IDo90cBxkcoEIWA5rwonJCBOIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnICMyLCt5IDbYLcBxINTEIWA5rwonJCBOIRMnzC29ZcBE9k+B3qVJvitFIa0iyALAICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwrfUT1aWwrkcwonPCt5IDBOIhUnIF2EIT04ICoiIRMnpcoE9CuYIRMnPd3OldrlLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9Iwonjd2EIT04ICoiIRMnjd3clFME9CoYvCt5IDBOIwryKOtnIC29IRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIC29IRMnpF2OldoE9HtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9IwonXCtnNTJnIDoEVColLCe1IFoEVCoYifoamd3k5AMaSUBOIwryKOtnIFoEVCoYifoamd3k5TMyscBE9k2ivfoaSkZnnTLWICunIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFoEVColzcoaSCe0XwyfwOakywonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnnTLWICoxIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIdoEVColzcoaSCe0XwryKOtnICBEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwoniCt5IDbYLcBxINTEIWA5rwonjfoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonjfoEVColzcoaSCe0XwryKOtnIFucIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFucIRMnpF2OldoE9HtnnTLWICoiIRMnpcoE9kolLwrfUT1aWwrkcwonPCt5IDBOIwJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0TolzftILf2ilFMASko9ZcoaZWmLSkolzWaYewe0IaykaOUXLDB5LcbIINUExRtOzDbplwe0IHtLIGX0hkuY0Cbk0we0IhtOpdMOlGtEsHULIhJELF2l6cTSYtJOzFBXINUEJA0aHOAYAwonPd3OldoEVhJxIcMy2d3kpfoaIRMnJd29qTmasCtxIFukpC2aIRMnXFMljcBESCoYifoamd3k5CtnoAL9YwtiTOAxyW1WICoiIRJPSCoYvCt5IdMyscBEIWaHICoYvfMaZTMyscBESCoxIRMnVCB1lCtnnAZnIdoa2cBxKCB1lCtxIdoEVCunpC3O1FMaIwryTwonScbcldynpC3O1FMaIRonSCt5IcolzFoxiGA9ZcoaZCtnnAZnIdoa2cBxNFMOlFMESCoyIRMnVCB1lCtnnAZnICbklCA5idBaIRonjfoEVCo5idBaIwryTwonjDbO5TMyscBESCun2Ct5IdMyscBEIWaHICunZd3cpdMYlTMyscBESCoxsCt5IdMyscBEIWaHICoxidMOsCbkqTMyscBESwonSdBEVCoYifoamd3k5CtnnAZnIdoyVco1iFMsjCbOlc29ZGBEIRonzCBEVCo5idBaIwryTwonzDo9XCbklCA5idBaIRrloTlaHTtiIC2EVCoYvdB1ldmOKfB1IReEpwryTwonjd21scB50TmasCtxeOAlHUA5uhrloTlaHTtiIF2EVCuYifolzcMyjfolvdMESHTEXhULIWaHICuYifolzcMyjfolvdMESW09aTlWPCunIRMnpcoEpwryTwonXDo90d051dBESCoYifoamd3k5CtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBxlfMaSCtnIdoEIT04ICoiIRMnScbcldrlLCe1IdoEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9CbklCBEICoyIwr9KwonPCt5ICbklCAlLCe1ICBEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9C2l0GBEICoY0CtnNTJnICBEVCoYpfulkcoE9CoY0Ct5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1XFM92DB5jcBEICun2CtnNTJnIC3OIRMnXFM92DB5jcAlLCe1IFucIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBxidMOsCbkqCtnIdo1Iwr9KwonPCt5IdoyVco1iFMskcoE9CoxsCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1zDo9XCbklCBEICuYiCtnNTJnIDoEVCuYPd3niFMaiUBOINBnzCBEVColLCtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtnnAZnIDo90cBxkcoESW09aTlWPCoYIRMnpcoEpwryTwonjd21scB50TmasCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonjCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIC2EVCoivfoaSUBOINBnPCt5IDBOIwyfwOakywonjCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoYIRMnpF2OldoE9HtnuAL9aAtntBUnIDoEVColLCtLICoYIwr9KwonPCt5IDBOINBnjCt5IDo90cBxkcoEITraoatnhT0lKwtiTOAxyW1WICoiIRMnpcoEIWaHICoivfoaSUBOIRtieT1aKatiIc29vcoEVColLCtLqW09aTlWPCo1lcol1dBEVColLCtLQHt41hU8PW09aTlWPCofvd2OIRMnpcoEph0YNaA5AhonscBOpfB1IRMnpcoEph0YNaA5AhonJCBOIRMnpcoEphUPxHeEIWaHICuYifolzcMyjfolvdMEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnIc29vcoEIT04ICoiIRMnpcoE9Cofvd2OIRMnPd3OldrlLCtnnTLWICofvd2OIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIc29vcoEVColzcoaSCe0XwryKOtnIc29vcoEVCuYjd3klCe0m5DB96h+rkZnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9C29sdBaVfoEICo1lcol1dBEIT04ICoiIRMnpcoE9Co1lcol1dBEVCoivfoaSUBOIwryKOtnIdBaLDbasCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICo1lcol1dBEVColzcoaSCe0XwryKOtnIdBaLDbasCt5IF2YvFMaINUgLVh3Pq4WmwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnICMyLCtnNTJnIDoEVColLCe1ICMyLCt5IDo90cBxkcoEIWA5rwonJCBOIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnICMyLCt5IDbYLcBxINTEIWA5rwonJCBOIRMnzC29ZcBE9k+B3qVJvitFIa0iyALAICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwrfUT1aWwrkcwonPCt5IDBOIhUnIF2EIT04ICoiIRMnpcoE9CuYIRMnPd3OldrlLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9Iwonjd2EIT04ICoiIRMnjd3clFME9CoYvCt5IDBOIwryKOtnIC29IRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIC29IRMnpF2OldoE9HtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9IwonXCtnNTJnIDoEVColLCe1IFoEVCoYifoamd3k5AMaSUBOIwryKOtnIFoEVCoYifoamd3k5TMyscBE9k2ivfoaSkZnnTLWICunIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFoEVColzcoaSCe0XwyfwOakywonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnnTLWICoxIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIdoEVColzcoaSCe0XwryKOtnICBEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwoniCt5IDbYLcBxINTEIWA5rwonjfoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonjfoEVColzcoaSCe0XwryKOtnIFucIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFucIRMnpF2OldoE9HtnuAL9aAtntBUnIDoEVColLCtLICoivfoaSCtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtxeT1aKatiId2EVColLCtLIWaHICokvd2sKfB1IwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9d3kLcbkgFM9vdBEICo9IwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1Zd29sCtnIFMEIT04ICo9IRMnZd29sUBOINBnZCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwr9KwonZCt5IDo90cBxkcoE9CoiIRMnpcoEIa0iyALAICo9IRMnpF2OldoE9HtnnTLWICukIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFMEVColzcoaSCe0XwryKOtnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIUaHITL9Awr5aTrXIO1kNaaEIWlLIColLCtLICocifM9ZDbOlCtnNTJnIDo90cBxIRMnpcoE9CocifM9ZDbOlCt5IDBOIwrxyOlWIUL9kTJEPA0aHOAYAwonPCt5IDBOIRr1kTJiIFoEVCunZDBYlCtLIWaHICunZDBYlCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbkvd21IwonZCtnNTJnIDoEVColLCe1IFMEVCoivfoaSUBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1XFMljca9Zd29sCtnIFoEIT04ICukIRMnpcoE9CunIRMnZd29sUBOIwyfwOakywonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnnTLWICukIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFMEVColzcoaSCe0XwryKOtnIFoEVCoOifoaINAOnarAPTL9bhtLpwryKOtnIFoEVColzcoaSCe0XwryKOtnIFoEVCunZDBYlCtnkAZnKT1WITlaHTtnuAL9aAtntBUnIDBOIhUnIFukpC2aIwr9KwonPd3OldoEVColLCe1IFukpC2aIRMnpcoEIwJ4PDbYzcbWPkufPcbklGzn9hUE/wlfwOakywtO3DoaZcUEJKJEmkZLVwL9UOraUwrkcwoELd3kLcbktGBEIwJ4PkolzWaYewe8JWaYewjPIwLOyA0HJhU4PkuYpGMAINjEINZwITrlYUaWIkuY0Cbk0RtOzDbplwjPIkZFpKX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtOzFBXpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfrYvfB50htO3DoaZcUE9wtFmhUn7eWPLC291dmWINUELfoipFZ0+cowsNmklF3aSfy9MDbkzftIJA0aHOAYAwrYNaA5AhtPpwrcUT00IhyYyTraeatnIDoEVhJxIC29IRMnVCB1lCtnnAZnIC292cbkKCB1lCtxIdoEVCo5idBaIwryTwonScbcldr5idBaIRonSCt5IFoljfuaZcBEIWaHICoxlfMaSAoljfuaZcBESCoyIRMnVCB1lCtnnAZnICbklCA5idBaIRonjfoEVCo5idBaIwryTwonjDbO5TMyscBESCun2Ct5IdMyscBEIWaHICunZd3cpdMYlTMyscBESCoxsCt5IdMyscBEIWaHICoxidMOsCbkqTMyscBESwonSdBEVCoYifoamd3k5CtnnAZnIdoyVco1iFMsjCbOlc29ZGBEIRonzCBEVCo5idBaIwryTwonzDo9XCbklCA5idBaIRrloTlaHTtiIC2EVCoYvdB1ldmOKfB1IReEpwryTwonjd21scB50TmasCtxeOAlHUA5uhrloTlaHTtiIF2EVCuYifolzcMyjfolvdMESHTEXhULIWaHICuYifolzcMyjfolvdMESW09aTlWPCunIRMnpcoEpwryTwonXDo90d051dBESCoYifoamd3k5CtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBxlfMaSCtnIdoEIT04ICoiIRMnScbcldrlLCe1IdoEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9CbklCBEICoyIwr9KwonPCt5ICbklCAlLCe1ICBEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9C2l0GBEICoY0CtnNTJnICBEVCoYpfulkcoE9CoY0Ct5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1XFM92DB5jcBEICun2CtnNTJnIC3OIRMnXFM92DB5jcAlLCe1IFucIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBxidMOsCbkqCtnIdo1Iwr9KwonPCt5IdoyVco1iFMskcoE9CoxsCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1zDo9XCbklCBEICuYiCtnNTJnIDoEVCuYPd3niFMaiUBOINBnzCBEVColLCtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtnnAZnIDo90cBxkcoESW09aTlWPCoYIRMnpcoEpwryTwonjd21scB50TmasCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonjCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIC2EVCoivfoaSUBOINBnPCt5IDBOIwyfwOakywonjCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoYIRMnpF2OldoE9HtnuAL9aAtntBUnIDoEVColLCtLICoYIwr9KwonPCt5IDBOINBnjCt5IDo90cBxkcoEITraoatnhT0lKwtiTOAxyW1WICoiIRMnpcoEIWaHICoivfoaSUBOIRtieT1aKatiIc29vcoEVColLCtLqW09aTlWPCo1lcol1dBEVColLCtLQHt41hU8PW09aTlWPCofvd2OIRMnpcoEph0YNaA5AhonscBOpfB1IRMnpcoEph0YNaA5AhonJCBOIRMnpcoEphUPxHeEIWaHICuYifolzcMyjfolvdMEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnIc29vcoEIT04ICoiIRMnpcoE9Cofvd2OIRMnPd3OldrlLCtnnTLWICofvd2OIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIc29vcoEVColzcoaSCe0XwryKOtnIc29vcoEVCuYjd3klCe0m5DB96h+rkZnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9C29sdBaVfoEICo1lcol1dBEIT04ICoiIRMnpcoE9Co1lcol1dBEVCoivfoaSUBOIwryKOtnIdBaLDbasCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICo1lcol1dBEVColzcoaSCe0XwryKOtnIdBaLDbasCt5IF2YvFMaINUgLVh3Pq4WmwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnICMyLCtnNTJnIDoEVColLCe1ICMyLCt5IDo90cBxkcoEIWA5rwonJCBOIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnICMyLCt5IDbYLcBxINTEIWA5rwonJCBOIRMnzC29ZcBE9k+B3qVJvitFIa0iyALAICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwrfUT1aWwrkcwonPCt5IDBOIhUnIF2EIT04ICoiIRMnpcoE9CuYIRMnPd3OldrlLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9Iwonjd2EIT04ICoiIRMnjd3clFME9CoYvCt5IDBOIwryKOtnIC29IRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIC29IRMnpF2OldoE9HtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Foivfo9IwonXCtnNTJnIDoEVColLCe1IFoEVCoYifoamd3k5AMaSUBOIwryKOtnIFoEVCoYifoamd3k5TMyscBE9k2ivfoaSkZnnTLWICunIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFoEVColzcoaSCe0XwyfwOakywonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnnTLWICoxIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIdoEVColzcoaSCe0XwryKOtnICBEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwoniCt5IDbYLcBxINTEIWA5rwonjfoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonjfoEVColzcoaSCe0XwryKOtnIFucIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIFucIRMnpF2OldoE9HtnnTLWICoxsCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoxsCt5IDbYLcBxINTEIO1kNaaEIWlLICoiIRMnpcoEpwon0dbnIwJ4PDbYzcbWPkufPcbklGzn9hUE/wJnbUraUOUELf2ilFMAJKJEmkZLpKX0hFMa0fbkVwoyZFMy5htfidoXmNT4LC291dmWpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfrxpF3OtGAcifM9ZDbOlhtO3DoaZcUXLd3kLcbktGUXLDbYnA0HINUnAAlayRtOpdMOlGtE9werSkuYpGMAINUEXhUn7eWPLF3OiFmWINUEPkolVcoa4wt0xhUEQwtOzDbplKX0hkuYxdtE9wtkTOAxyW1WIhJnoAL9YwtiTOAxyW1WIW09aTlWPCo9IRMnpcoEpwryTwonJd29qTmasCtxId2EVCo1ldBklFLlLCtxIFMEVCoivfoaSUBOIRonPCt5IdMyscBEIWaHICoivfoaSTMyscBESCoxIRMnVCB1lCtnnAZnIdoa2cBxKCB1lCtxIDoEVCoyLcuklF3YIRonXCt5IdMyscBEIWaHICoYvfMaZTMyscBESCoiIRMnLcbOiDBxIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9d3kLcbkgFM9vdBEICo9IwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1scB1JcbkIwonsCtnNTJnId2EVCo1ldBklFLlLCe1IdBEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FM9vdBEICukIwr9KwonvCt5IFM9vdAlLCe1IFMEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIFMEVCoivfoaSUBOINBnPCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1ScbcldoEICoxIwr9KwonPCt5Idoa2cBxkcoE9CoxIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbnPd3OvCtnIFoEIT04ICoiIRMnjd3clFME9CunIRMnpcoEIa0iyALAICo9IRMnpF2OldoE9HtnnTLWICo1IRMnzfoy0fbYINUgls7RMv4eMsRSmwryKOtnIdBEVColzcoaSCe0XwryKOtnIFMEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonZCt5IDbYLcBxINTEIWA5rwonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnuAL9aAtntBUnIdBasCMaZUBOIRonPd3OldrlLCtxIDo90cBxKCB1lCtLICuOsFoEIwJ4PDbYzcbWPkufPcbklGzn9hUE/wlfwOakywtO3DoaZcUEJKJEmkZLVwL9UOraUwrkcwoELd3kLcbktGBEIwJ4PkolzWaYewe8JWaYewjPIwLOyA0HJhU4PkuYpGMAINjEINZwITrlYUaWIkuY0Cbk0RtOzDbplwjPIkZFpKX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtOzFBXpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfrYvfB50WmloCbcvFMl0cUILf2ilFMAINUEmkZLIGX0hkoYvfB50we0IkuOPDbHsNMOJRT5ZcbY1duOgcMlZF3WPwlYyTraeatneT1aKatIQhUnoAL9YwtiTOAxyW1WIW09aTlWPCo9IRMnpcoEpwryTwonJd29qTmasCtxId2EVCo1ldBklFLlLCtxIFMEVCoivfoaSUBOIRonPCt5IdMyscBEIWaHICoivfoaSTMyscBESCoxIRMnVCB1lCtnnAZnIdoa2cBxKCB1lCtxIDoEVCoyLcuklF3YIRonXCt5IdMyscBEIWaHICoYvfMaZTMyscBESCoiIRMnLcbOiDBxIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9d3kLcbkgFM9vdBEICo9IwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1scB1JcbkIwonsCtnNTJnId2EVCo1ldBklFLlLCe1IdBEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FM9vdBEICukIwr9KwonvCt5IFM9vdAlLCe1IFMEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIFMEVCoivfoaSUBOINBnPCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1ScbcldoEICoxIwr9KwonPCt5Idoa2cBxkcoE9CoxIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbnPd3OvCtnIFoEIT04ICoiIRMnjd3clFME9CunIRMnpcoEIa0iyALAICo9IRMnpF2OldoE9HtnnTLWICo1IRMnzfoy0fbYINUgls7RMv4eMsRSmwryKOtnIdBEVColzcoaSCe0XwryKOtnIFMEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonZCt5IDbYLcBxINTEIWA5rwonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnuAL9aAtntBUnIdBasCMaZUBOIRonPd3OldrlLCtxIDo90cBxKCB1lCtLICuOsFoEJRJipF3YlftILf2ilFMa7Hu0pwe8JwyfwOakywtO3DoaZcUw6wtFmhUL7eWpZcbO1FM4ICbkZCbLPk2ySdtF9NJOjd3aVftL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0WbklCUIpwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtIJA0aHOAYAwonpcoESCo5idBaIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9CbklCBEIa0iyALAIColzcoaSCe0XwryKOtnIF3OifuazCe0m5dGZ5D6i5Qt4kZnNALOyAJntBUnIcolzFoxiGA9ZcoaZCtnrOaYewJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0Toa2cBXPhUn7eWpZcbO1FM4IkuOPDbHsNMOJRT5McbOjDy9idoXPwlYyTraeatnIDBOIRonVCB1lCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBxlfMaSCtnbUraUOUnIDbYLcBxINTEIWA5rwonzfoy0fbYINUgls7RlqQuMPRImwr9UOraUwrkcwonLDbYXdoy5T3kLcbkIwrOyA0HJhTSYtm0Ytmn1CMxpCZnMfB5jfolvdJnmcbOTDo9XWbklCUIpwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtIJA0aHOAYAwonpcoESCo5idBaIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9F2ivFoyZcByIwyfwOakywonpF2OldoE9HtnnTLWICuY0CbO1F2E9k+B3SVBVPGDIVtFIT1krOawIWlLICoOpF3nSCblNFMOlFMEIWaYewJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0TMaiFLk5htOPd3OldrlLRtOVfB0pwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtIJA0aHOAYAwonPd3OldoEVhJxIcMy2d3kpfoaIRMnJd29qTmasCtxIFukpC2aIRMnXFMljcBESCoYifoamd3k5CtnoAL9YwtiTOAxyW1WICoiIRJPSCoYvCt5IdMyscBEIWaHICoYvfMaZTMyscBESCoxIRMnVCB1lCtnnAZnIdoa2cBxKCB1lCtxIdoEVCunpC3O1FMaIwryTwonScbcldynpC3O1FMaIRonSCt5IcolzFoxiGA9ZcoaZCtnnAZnIdoa2cBxNFMOlFMESCoyIRMnVCB1lCtnnAZnICbklCA5idBaIRonSdBEVCo5idBaIwryTwonSCB5LdByZD05idBaIRonzCBEVCo5idBaIwryTwonzDo9XCbklCA5idBaIRrloTlaHTtiIC2EVCoYvdB1ldmOKfB1IReEpwryTwonjd21scB50TmasCtxeOAlHUA5uhrloTlaHTtiIF2EVCuYifolzcMyjfolvdMESHTEXhULIWaHICuYifolzcMyjfolvdMESW09aTlWPCunIRMnpcoEpwryTwonXDo90d051dBESCoYifoamd3k5CtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBxlfMaSCtnIdoEIT04ICoiIRMnScbcldrlLCe1IdoEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9CbklCBEICoyIwr9KwonPCt5ICbklCAlLCe1ICBEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9doyVco1iFMsIwonSdBEIT04ICoiIRMnSCB5LdByZD0lLCe1Ido1IRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbYPd3niFMaiCtnIF2yIwr9KwonPCt5IF2ivFoyZcBykcoE9CuYiCt5IDBOIwrxyOlWIUL9kTJEPA0aHOAYAwonPCt5IDBOIwryTwonPd3OldrlLCtxeT1aKatiIC2EVColLCtLIWaHICoYvdB1ldmOKfB1IwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9C29sdBaVfoEICoYIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwr9KwonjCt5IDo90cBxkcoE9CoiIRMnpcoEIa0iyALAICoYIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIC2EVColzcoaSCe0XwrfUT1aWwrkcwonPCt5IDBOIhUnIC2EIT04ICoiIRMnpcoE9CoYIRMnPd3OldrlLCtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtnnAZnIDo90cBxkcoEShrYNaA5Ahonmd29LCt5IDBOIhUseT1aKatiIdBaLDbasCt5IDBOIhUPXRjApRZieT1aKatiIc29vcoEVColLCtLqW09aTlWPCo1lcol1dBEVColLCtLqW09aTlWPCokicoEVColLCtLphjrXHtnnAZnIF2y0DbYMCBY0DB9VCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonmd29LCtnNTJnIDoEVColLCe1Ic29vcoEVCoivfoaSUBOIwryKOtnIc29vcoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonmd29LCt5IDbYLcBxINTEIWA5rwonmd29LCt5IF2YvFMaINUglpd3Pq4WmwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnIdBaLDbasCtnNTJnIDoEVColLCe1IdBaLDbasCt5IDo90cBxkcoEIWA5rwonscBOpfB1IRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIdBaLDbasCt5IDbYLcBxINTEIWA5rwonscBOpfB1IRMnzC29ZcBE9k+U4qGJvitFITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonJCBOIwr9KwonPCt5IDBOINBnJCBOIRMnPd3OldrlLCtnnTLWICokicoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonJCBOIRMnpF2OldoE9HtnnTLWICokicoEVCuYjd3klCe0m5dGV6h+rkZnbUraUOUnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIO1kNaaEIWlLICoiIRMnpcoEpwonzCtnNTJnIDoEVColLCe1IF2EVCoivfoaSUBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1XDo90d2EICoYvCtnNTJnIDoEVCoYvfMaZCe1IC29IRMnpcoEIWA5rwonjd2EVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonjd2EVColzcoaSCe0XwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1XDo90d2EICunIwr9KwonPCt5IDBOINBnXCt5IC2y0cBfvFmlUcBxkcoEIWA5rwonXCt5IC2y0cBfvFmlKCB1lCe0mDo90cBXmwryKOtnIFoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonXCt5IDbYLcBxINTEITraoatnhT0lKwtiTOAxyW1WIColLCtxICbklCAlLCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnbUraUOUnIDBOINUOPd3OldrlLhUnIdMEIT04ICoiIRMniFMaiUBOINBnVCt5ICbklCAlLCtnbUraUOUnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIWA5rwonSCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoxIRMnpF2OldoE9HtnnTLWICoyIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnICBEVColzcoaSCe0XwryKOtnIDoEVColLCeX+Co5IRMnpcoEIO1kNaaEIWlLICoiIRMnpcoEpwonPd3OldoEITraoatnhT0lKwtiTOAxyW1WICoiIRMnpcoESW09aTlWPCo9IRMnpcoEpwryTwonJd29qTmasCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgB9ZcoaZb3kvd21IwonvCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FM9vdBEICukIwr9KwonvCt5IFM9vdAlLCe1IFMEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIFMEVCoivfoaSUBOINBnPCt5IDBOIwyfwOakywonvCt5IDbYLcBxINTEIWA5rwonZCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICukIRMnpF2OldoE9HtnnTLWICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwrlTwr5NatnKaAxHwrfUT1aWwrkcwonpcoEpwonMCbcvFMl0cBEIT04ICoivfoaSCt5IDBOINBnMCbcvFMl0cBEVColLCtnHOAcAwrpNUA4IhyYyTraeatnIDoEVColLCtxYUA4PCunIRMnXFMljcBEpwryTwonXFMljcBEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1Zd29sCtnIFMEIT04ICoiIRMnpcoE9CukIRMnPd3OldrlLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FukpC2agFM9vdBEICunIwr9KwonZCt5IDBOINBnXCt5IFM9vdAlLCtnbUraUOUnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIWA5rwonZCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICukIRMnpF2OldoE9HtnnTLWICunIRMnLCbOlCe1rWaOyhr5NaZIphUnnTLWICunIRMnpF2OldoE9HtnnTLWICunIRMnXFMljcBEIUaHITL9Awr5aTrXIO1kNaaEIWlLIColLCtLICunZDBYlCtnNTJnIDo90cBxIRMnpcoE9CunZDBYlCt5IDBOIwr9UOraUwrkcwonXFMljcBEITrlYUaWIko51dUwpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfyYifolzcMyjfolvdJILDo90cBxkctLIGX0hFMa0fbkVwtO0DolzRT5LCJ0+FMazfBx0b2cpFmY0htkTOAxyW1WIhrYNaA5Ahonmd29LCt5IDBOIhUseT1aKatiIdBaLDbasCt5IDBOIhUPXRjApRZieT1aKatiIc29vcoEVColLCtLqW09aTlWPCo1lcol1dBEVColLCtLqW09aTlWPCokicoEVColLCtLphjrXHtnnAZnIF2y0DbYMCBY0DB9VCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonmd29LCtnNTJnIDoEVColLCe1Ic29vcoEVCoivfoaSUBOIwryKOtnIc29vcoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonmd29LCt5IDbYLcBxINTEIWA5rwonmd29LCt5IF2YvFMaINUglpd3Pq4WmwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jd21scB50CtnIdBaLDbasCtnNTJnIDoEVColLCe1IdBaLDbasCt5IDo90cBxkcoEIWA5rwonscBOpfB1IRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIdBaLDbasCt5IDbYLcBxINTEIWA5rwonscBOpfB1IRMnzC29ZcBE9k+U4qGJvitFITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBYvdB1ldmOIwonJCBOIwr9KwonPCt5IDBOINBnJCBOIRMnPd3OldrlLCtnnTLWICokicoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonJCBOIRMnpF2OldoE9HtnnTLWICokicoEVCuYjd3klCe0m5dGV6h+rkZnbUraUOUnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIWA5rwonPCt5IDBOINUOPd3OldrlLwrfUT1aWwrkcwonPCt5IDBOIwJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0W291dmOtGaO5FoAPkuO5FoASko51dULIGX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtkTOAxyW1WIW09aTlWPCo9IRMnpcoEpwryTwonJd29qTmasCtxIFMEVCoivfoaSUBOIRonPCt5IdMyscBEIWaHICoivfoaSTMyscBESCukIRMnpcoEIWaHICukvd21kcoESA1aYhonvCt5IfoyqcA1vdMa5CtLIWaHICuOiD2aYd25lGBEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1vFMOlFl9Zd29sCtnId2EITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgbkvd21IwonZCtnNTJnId2EVCukvd21kcoE9CukIRMnpcoEITraoatnhT0lKwon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnIDoEIT04ICukIRMnPd3OldrlLCe1IDoEVColLCtnbUraUOUnId2EVColzcoaSCe0XwryKOtnIFMEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonZCt5IDbYLcBxINTEIWA5rwonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnuAL9aAtntBUnIDo90cBxkcoEITrlYUaWIko51dUwpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfrYvfB50WmlHcbcldtILDBWINUnoWAxTOULIGX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtkTOAxyW1WICoxIRMnpcoESCoxIRMnVCB1lCtxeT1aKatiIdoEVColLCtLIWaHICoYvfB50CtxIdoEVCoOpF3nSCblNFMOlFMEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1ScbcldoEICoxIwr9KwonPCt5Idoa2cBxkcoE9CoxIRMnpcoEIa0iyALAICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwryKOtnIdoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonSCt5IDbYLcBxINTEIWA5rwonSCt5IDBOINjEIwJ4PkolLwe8JWA5rwonSCt5IDBOINUOpctEJKJEmkZLVwLfUT1aWwrkcwonSCt5IDBOIRonSCt5IdMyscBEIT1krOawIWlLICoxIRMnLDbYXdoy5T3kLcbkIRonSCt5IdMyscBEIWaYewJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0W291dmOtGAyZcBrPkolLwe0IOLyHA0ApwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtIJA0aHOAYAwoniCt5IDBOIRoniCt5IdMyscBESW09aTlWPCoyIRMnpcoEpwryTwonjd3aVfoEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1iFMaiCtnICBEIT04ICoiIRMniFMaiUBOINBniCt5IDBOIwyfwOakywonPCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoiIRMnpF2OldoE9HtnnTLWICoyIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnICBEVColzcoaSCe0XwryKOtnICBEVColLCe4XwtwVhtOpctE/wLyKOtnICBEVColLCe0LDBWIwjPIkZFpRJkuAL9aAtntBUnICBEVColLCtxICBEVCo5idBaIwr9UOraUwrkcwoniCt5IcolzFoxiGA9ZcoaZCtnnA0HSCoyIRMnVCB1lCtnnA0HJhTSYtm0Ytmn1CMxpCZnMfB5jfolvdJnmcbOed3aVfrk5A2aZfMljcUILDBWINUnoWAxTOULIGX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtkTOAxyW1WIhJnoAL9YwtiTOAxyW1WIHUnnAZnIDBOIRtgmlRbPikulqQRMJR8mwryTwonVCB1lCtxeT1aKatiIDBOIhUniFZnIC291dmOIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwyfwOakywonzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDbYLcBxINTEIWA5rwonzcbk2DBYlCtnHUAsywtFl55U16wUO5D6J5PJ/kUFIaA5kT04IWAxHwyYyTraeatEZwryTwonpcoESk+BVvGB4pVG9LGG7mtFIWaHICo5idBaIRrYNaA5AhonpcoEpwoyzwonjd3aVfoEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEIa0iyALAICuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonpF2OldoE9HtnnTLWICuYlFmcpC2aIwrxkU0AIkZblqq3lVhdmvcumV5XlkZnaTLlNTJnnTrXIA0aHOAYAweHIWaHIColLCtXm5CoF6R2M5cZ6kZnnAZnIdMyscBESW09aTlWPColLCtLICbHICoYvfB50CtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnbUraUOUnIF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWIColzcoaSCe0XwryKOtnIF2aZfMljcBEITrlROUEmkGBnmKJ9pVBFVJAmwyaKUA9KwryHTtnTOAxyW1WIYtnnAZnIDBOIRtgMPcuMJ7/MsdTlqQWmwryTwonVCB1lCtxeT1aKatiIDBOIhUniFZnIC291dmOIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwyfwOakywonzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDbYLcBxINTEIWA5rwonzcbk2DBYlCtnHUAsywtFl5QoO5PV/5qB05D6LkUFIaA5kT04IWAxHwyYyTraeatE1wryTwonpcoESk+BnpGJ6QZFIWaHICo5idBaIRrYNaA5AhonpcoEpwoyzwonjd3aVfoEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEIa0iyALAICuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonpF2OldoE9HtnnTLWICuYlFmcpC2aIwrxkU0AIkZblIDbPVQSlkZnaTLlNTJnnTrXIA0aHOAYAweCIWaHIColLCtXm5qJ45qKz5D6LkZnnAZnIdMyscBESW09aTlWPColLCtLICbHICoYvfB50CtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgBivfoaSCtnbUraUOUnIF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWIColzcoaSCe0XwryKOtnIF2aZfMljcBEITrlROUEmkGD4VKDzS+BVptAmwyaKUA9KwryHTtnTOAxyW1WIYZnnAZnIDBOIRtgLv6umlhjljDrmwryTwonVCB1lCtxeT1aKatiIDBOIhUniFZnIC291dmOIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwyfwOakywonzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDbYLcBxINTEIWA5rwonzcbk2DBYlCtnHUAsywtFl5R+i55UP5C2ikUFpwon0dbnIwJ4PkolLwe8JwyfwOakywonpcoE9kolLwtw6wtFmhUL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0W291dmOtGAxidMOsCbkqhtOpctE9wrcnTyYywtXLCbklCAlLwe0IOLyHA0ApwuSYtJOzFBXINUEJA0aHOAYAwonSdBEVColLCtxIdo1IRMnVCB1lCtxeT1aKatiIdo1IRMnpcoEpwryTwonjd3aVfoEIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1SCB5LdByZD2EICoxsCtnNTJnIDoEVCoxidMOsCbkqUBOINBnSdBEVColLCtnbUraUOUnIDoEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonPCt5IDbYLcBxINTEIWA5rwonSdBEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwonSdBEVColzcoaSCe0XwryKOtnIdo1IRMnpcoE+HtEJRJILDBWINZknTLWICoxsCt5IDBOINUOpctEJKJEmkZLVhtOiFMaiUBWINZknTLWICoxsCt5ICbklCAlLCe0LCbklCAlLwtw6wtFmhU4JO1kNaaEIWlLICoxsCt5IDBOIRonSdBEVCo5idBaIwr9UOraUwrkcwonSdBEVCoOpF3nSCblNFMOlFMEIWaYeRonSdBEVCo5idBaIwryTWZw7eWpZcbO1FM4IkuOPDbHsNMOJRT5McbOjDy9idoXPkuYxdtL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0TMa3WM9vDZILC2l0GA5idBApwuSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtIJA0aHOAYAwonpcoESCo5idBaIwrcUT00IhyYyTraeatnId2EVColLCtnnAZnId3kLcbkkcoESCoiIRMnpcoESCoiIRMnVCB1lCtnoAL9Ywon7kuOPDbHsNmOiCMxlFuklgB9ZcoaZb3kvd21IwonvCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FM9vdBEICukIwr9KwonvCt5IFM9vdAlLCe1IFMEVColLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9Do90cBxIwonPCtnNTJnIFMEVCoivfoaSUBOINBnPCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1iFMaiCtnICBEIT04ICoiIRMniFMaiUBOINBniCt5IDBOIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1jDbO5CtnIC2EIT04ICoyIRMnjDbO5UBOINBnjCt5IDBOIwyfwOakywonvCt5IDbYLcBxINTEIWA5rwonvCt5IF3OifuazCeX+k+B3SVBNlVD2JtFIWA5rwonZCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICukIRMnpF2OldoE9HtnnTLWICoiIRMnzfoy0fbYINUgls7RlqQuMPRImwryKOtnIDoEVColzcoaSCe0XwryKOtnICBEVCuY0CbO1F2E9k+B3SVBVPGDIVtFIWA5rwoniCt5IDbYLcBxINTEIWA5rwonjCt5IF3OifuazCe0m5dGZ5D6i5Qt4kZnnTLWICoYIRMnpF2OldoE9HtnnTLWICoYIRMnVCB1lCtnHUAsywtFlGZOjDbO5TMyscb0lkZnNALOyAJntBUnId2EVColLCtnrOaYehUnIfo1XCtnuAL9aAtntBUnIDBOIwr9UOraUwrkcwonvFMOlFLlLCtnrOaYewJL7eWp9eWpXfBkSDBHIcmaVC3Opd24Ic2a0b2YvdB1ldmOgDB1XFMazF2lvdJILDo90cBxkctLYtmSYtJOzFBXINUEJF2aScBY0wtPIcmkvdUnIGZO0DolzRT50CBkScbnZcb1jd21scB50b2lsFuklF3Ypd25IwufPcbklwoivfoaSUBWINUEmkoivfoaSUBWmwjSYtmklfuaZdJELfoipFZ0+cowsNMclfoYPb2ySdtILF3yShTSYtm0Ytmn1CMxpCZnMfB5jfolvdJnmcbOgFukpC2APkoivfoaSUBWIRtOJcBfpdJESkoaVctLYtmSYtJOzFBXINUEJA0aHOAYAwtPIOlkNTUnIGZO0DolzRT50CBkScbnZcb1Pd3OldoEICoiIwrxyOlWIUL9kTJnIGZO0DolzRT50CBkScbnZcb1Zd29sCtnIFMEIT04ICoiIRMlLwe0ICukIRMnPd3OldrlLCtnHOAcAwrpNUA4ICuSLfoipFZ0+foyJdoaXFMa9FukpC2agFM9vdBEICunZCtnNTJnIFukIRmkvd21kctE9wonZCt5pctnbUraUOUnIDoEVDBWINUFLDo90cBxkctFIWA5rwonXFMEVCoOifoaIwe49wtFLCMamDB4mwtnnTLWICunZCt5Icoy0cBEINtEmkoaVctFJKX0hFMa0fbkVwtO0DolzRT5LCJ0+cMa0C2igCBxShtOzFBXpKX0hgW0hFuaJdoljwoc1dMY0DB9VwoflfrlVcM9tGAxidMOsCbkqhtOpctE9wrcnTyYyhUn7eWpZcbO1FM4IkuOPDbHsNMOJRT5McbOjDy9idoXPwlYyTraeatnIC2y0cBfvFmlIwrcUT00ICuSLfoipFZ0+foyJdoaXFMa9doyVco1iFMsIwyfwOakywonpcoEINUEmkolLkZwpKX0hgW0hgW0h'));
|
PHP木马其实就是利用php程序写的一个php文件他可以对文件进行任何的读写操作,同时可以上传下载数据库等等,说得好听点就是一个完美的网站文件管理系统了,下面小编总结了一些常见的PHP木马攻击的方法防御技巧.
1、防止跳出web目录
首先修改httpd.conf,如果你只允许你的php脚本程序在web目录里操作,还可以修改httpd.conf文件限制php的操作路径。比如你的web目录是/usr/local/apache/htdocs,那么在httpd.conf里加上这么几行:
php_admin_value open_basedir /usr/local/apache
/htdocs
这样,如果脚本要读取/usr/local/apache/htdocs以外的文件将不会被允许,如果错误显示打开的话会提示这样的错误:
Warning: open_basedir restriction in effect. File is in wrong directory in
/usr/local/apache/htdocs/open.php on line 4
等等。
2、防止php木马执行webshell
打开safe_mode,
在,php.ini中设置
disable_functions= passthru,exec,shell_exec,system
二者选一即可,也可都选
3、防止php木马读写文件目录
在php.ini中的
disable_functions= passthru,exec,shell_exec,system
后面加上php处理文件的函数
主要有
fopen,mkdir,rmdir,chmod,unlink,dir
fopen,fread,fclose,fwrite,file_exists
closedir,is_dir,readdir.opendir
fileperms.copy,unlink,delfile
即成为
disable_functions= passthru,exec,shell_exec,system,fopen,mkdir,rmdir,chmod,unlink,dir
,fopen,fread,fclose,fwrite,file_exists
,closedir,is_dir,readdir.opendir
,fileperms.copy,unlink,delfile
ok,大功告成,php木马拿我们没辙了,遗憾的是这样的话,利用文本数据库的那些东西就都不能用了。
如果是在windos平台下搭建的apache我们还需要注意一点,apache默认运行是system权限,这很恐怖,这让人感觉很不爽.那我们就给apache降降权限吧。
net user apache fuckmicrosoft /add
net localgroup users apache /del
ok.我们建立了一个不属于任何组的用户apche。
我们打开计算机管理器,选服务,点apache服务的属性,我们选择log on,选择this account,我们填入上面所建立的账户和密码,重启apache服务,ok,apache运行在低权限下了。
实际上我们还可以通过设置各个文件夹的权限,来让apache用户只能执行我们想让它能干的事情,给每一个目录建立一个单独能读写的用户。这也是当前很多虚拟主机提供商的流行配置方法哦,不过这种方法用于防止这里就显的有点大材小用了。
一聚教程小编提醒您:如果你对这些配置不明白我们可以使用安全狗或卖咖啡来设置网站目录不可写php文件,这样就是有bug也无法上传php文件了,同时限制一些提取操作在这里我就不介绍了大家要在本站找一些相关教程。
正则表达式注入攻击你sql数据库本人是第一次听过了,下面我总结了一些常见的sql攻击正则表达式同时在文章最后也举了一个实例与大家一起分析攻击原理。
我们都已经知道,在MYSQL 5+中 information_schema库中存储了所有的 库名,表明以及字段名信息。故攻击方式如下:
1. 判断第一个表名的第一个字符是否是a-z中的字符,其中blind_sqli是假设已知的库名。
注:正则表达式中 ^[a-z] 表示字符串中开始字符是在 a-z范围内
代码如下 |
复制代码 |
index.php?id=1 and 1=(SELECT 1 FROM information_schema.tables WHERE TABLE_SCHEMA="blind_sqli" AND table_name REGEXP '^[a-z]' LIMIT 0,1) /*
|
2. 判断第一个字符是否是a-n中的字符
代码如下 |
复制代码 |
index.php?id=1 and 1=(SELECT 1 FROM information_schema.tables WHERE TABLE_SCHEMA="blind_sqli" AND table_name REGEXP '^[a-n]' LIMIT 0,1)/*
|
3. 确定该字符为n
代码如下 |
复制代码 |
index.php?id=1 and 1=(SELECT 1 FROM information_schema.tables WHERE TABLE_SCHEMA="blind_sqli" AND table_name REGEXP '^n' LIMIT 0,1) /* www.111cn.net
|
4. 表达式的更换如下
代码如下 |
复制代码 |
expression like this: '^n[a-z]' -> '^ne[a-z]' -> '^new[a-z]' -> '^news[a-z]' -> FALSE
|
这时说明表名为news ,要验证是否是该表明 正则表达式为'^news$',但是没这必要 直接判断 table_name = ’news‘ 不就行了。
5.接下来猜解其它表了 只需要修改 limit 1,1 -> limit 2,1就可以对接下来的表进行盲注了。
例
代码如下 |
复制代码 |
$Exec_Commond = "( \s|\S)*(exec(\s|\+)+(s|x)p\w+)(\s|\S)*";
$Simple_XSS = "( \s|\S)*((%3C)|<)((%2F)|/)*[a-z0-9%]+((%3E)|>)(\s|\S)*";
$Eval_XSS = "( \s|\S)*((%65)|e)(\s)*((%76)|v)(\s)*((%61)|a)(\s)*((%6C)|l)(\s|\S)*";
$Image_XSS = "( \s|\S)*((%3C)|<)((%69)|i|I|(%49))((%6D)|m|M|(%4D))((%67)|g|G|(%47))[^\n]+((%3E)|>)(\s|\S)*" ;
$Script_XSS = "( \s|\S)*((%73)|s)(\s)*((%63)|c)(\s)*((%72)|r)(\s)*((%69)|i)(\s)*((%70)|p)(\s)*((%74)|t)(\s|\S)*";
$SQL_Injection = "( \s|\S)*((%27)|(')|(%3D)|(=)|(/)|(%2F)|(")|((%22)|(-|%2D){2})|(%23)|(%3B)|(;))+(\s|\S)*";
|
sql攻击代码
代码如下 |
复制代码 |
<?php
function customError($errno, $errstr, $errfile, $errline)
{
echo "<b>Error number:</b> [$errno],error on line $errline in $errfile<br />";
die();
}
set_error_handler("customError",E_ERROR);
$getfilter="'|(and|or)\b.+?(>|<|=|in|like)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
$postfilter="\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
$cookiefilter="\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq)
{
if(is_array($StrFiltValue))
{
$StrFiltValue=implode($StrFiltValue);
}
if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1&&!isset($_REQUEST['securityToken']))
{
slog("<br><br>操作IP: ".$_SERVER["REMOTE_ADDR"]."<br>操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."<br>操作页面:".$_SERVER["PHP_SELF"]."<br>提交方式: ".$_SERVER["REQUEST_METHOD"]."<br>提交参数: ".$StrFiltKey."<br>提交数据: ".$StrFiltValue);
print "result notice:Illegal operation!";
exit();
}
}
foreach($_GET as $key=>$value)
{
StopAttack($key,$value,$getfilter);
}
foreach($_POST as $key=>$value)
{
StopAttack($key,$value,$postfilter);
}
foreach($_COOKIE as $key=>$value)
{
StopAttack($key,$value,$cookiefilter);
}
function slog($logs)
{
$toppath="log.htm";
$Ts=fopen($toppath,"a+");
fputs($Ts,$logs."rn");
fclose($Ts);
}
?>
|
sql
分析
如果使用这个函数的话,这个函数会绕开PHP的标准出错处理,所以说得自己定义报错处理程序(die())。
其次,如果代码执行前就发生了错误,那个时候用户自定义的程序还没有执行,所以就不会用到用户自己写的报错处理程序。
那么,PHP里有一套错误处理机制,可以使用set_error_handler()接管PHP错误处理,也可以使用trigger_error()函数主动抛出一个错误。
set_error_handler()函数设置用户自定义的错误处理函数。函数用于创建运行期间的用户自己的错误处理方法。它需要先创建一个错误处理函数,然后设置错误级别。
关于的用法:
代码如下 |
复制代码 |
function customError($errno, $errstr, $errfile, $errline)
{
echo "<b>错误代码:</b> [${errno}] ${errstr}\r\n";
echo " 错误所在的代码行: {$errline} 文件{$errfile}\r\n";
9 echo " PHP版本 ",PHP_VERSION, "(" , PHP_OS, ")\r\n";
// die();
}
set_error_handler("customError",E_ALL| E_STRICT);
|
总结
PHP遇到错误时,就会给出出错脚本的位置、行数和原因,有很多人说,这并没有什么大不了。但泄露了实际路径的后果是不堪设想的,对于某些入侵者,这个信息可是非常重要,而事实上现在有很多的服务器都存在这个问题。 有些网管干脆把PHP配置文件中的 display_errors 设置为 Off 来解决,但本人认为这个方法过于消极。有些时候,我们的确需要PHP返回错误的信息以便调试。而且在出错时也可能需要给用户一个交待,甚至导航到另一页面。但是有了set_error_handler()之后,这些矛盾也都可以解决掉了。
但是发现很少用这个函数。
前面我有讲过利用其它的算法生成签名,下面我们同样在利用openssl生成签名,希望此文章对各位同学会有所帮助哦。
实例
代码如下 |
复制代码 |
<?php
/**
* 根据原文生成签名内容
*
* @param string $data 原文内容
*
* @return string
*/
function sign($strData)
{
$filePath = 'test.pfx';
if(!file_exists($filePath)) {
return false;
}
$pkcs12 = file_get_contents($filePath);
if (openssl_pkcs12_read($pkcs12, $certs, '')) {
$privateKey = $certs['pkey'];
$publicKey = $certs['cert'];
$signedMsg = "";
if (openssl_sign($strData, $signedMsg, $privateKey)) {
$signedMsg=bin2hex($signedMsg);
return $signedMsg;
} else {
return '';
}
} else {
return '0';
}
}
/*
openssl_pkcs12_read 可以读取pfx格式的私钥,而不需要非要转成pem格式的文件
*/
?> |
openssl_sign 默认signature_alg参数是OPENSSL_ALGO_SHA1
如果使用DSA加密方式需要使用OPENSSL_ALGO_DSS1参数
signature_alg 其他参数
OPENSSL_ALGO_DSS1 (integer)
OPENSSL_ALGO_SHA1 (integer)
OPENSSL_ALGO_SHA224 (integer)
OPENSSL_ALGO_SHA256 (integer)
OPENSSL_ALGO_SHA384 (integer)
OPENSSL_ALGO_SHA512 (integer)
OPENSSL_ALGO_RMD160 (integer)
OPENSSL_ALGO_MD5 (integer)
OPENSSL_ALGO_MD4 (integer)
OPENSSL_ALGO_MD2 (integer)