2013-09-25 56 views
1

Hacked Joomla 3.1 administrator login page

My website was hacked, I can see the login page of my Joomla administrator.

Here is the URL of the login page:

http://societ.us/administrator/index.php 

The hacker added this code (on lines 13-15):

<style type="text/css"> 
html { display:none } 
    </style> 

Do you know how to remove this code?

I have checked the following files (and several more), and I have not found it yet.

In /home/societ/societ.us/administrator/templates/isis/login.php

<?php 
/** 
* @package  Joomla.Administrator 
* @subpackage Templates.isis 
* 
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved. 
* @license  GNU General Public License version 2 or later; see LICENSE.txt 
*/ 

defined('_JEXEC') or die; 

$app = JFactory::getApplication(); 
$doc = JFactory::getDocument(); 
$lang = JFactory::getLanguage(); 

// Add JavaScript Frameworks 
JHtml::_('bootstrap.framework'); 
JHtml::_('bootstrap.tooltip'); 

// Add Stylesheets 
$doc->addStyleSheet('templates/' .$this->template. '/css/template.css'); 

// Load optional RTL Bootstrap CSS 
JHtml::_('bootstrap.loadCss', false, $this->direction); 

// Load specific language related CSS 
$file = 'language/' . $lang->getTag() . '/' . $lang->getTag() . '.css'; 
if (is_file($file)) 
{ 
    $doc->addStyleSheet($file); 
} 

// Detecting Active Variables 
$option = $app->input->getCmd('option', ''); 
$view  = $app->input->getCmd('view', ''); 
$layout = $app->input->getCmd('layout', ''); 
$task  = $app->input->getCmd('task', ''); 
$itemid = $app->input->getCmd('Itemid', ''); 
$sitename = $app->getCfg('sitename'); 

// Check if debug is on 
$config = JFactory::getConfig(); 
$debug = (boolean) $config->get('debug'); 
?> 
<!DOCTYPE html> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $this->language; ?>" lang="<?php echo $this->language; ?>" dir="<?php echo $this->direction; ?>" > 
<head> 
    <meta name="viewport" content="width=device-width, initial-scale=1.0"> 
    <meta http-equiv="X-UA-Compatible" content="IE=edge" /> 
    <jdoc:include type="head" /> 
    <script type="text/javascript"> 
     window.addEvent('domready', function() 
     { 
      document.getElementById('form-login').username.select(); 
      document.getElementById('form-login').username.focus(); 
     }); 
    </script> 
    <style type="text/css"> 
     /* Responsive Styles */ 
     @media (max-width: 480px) { 
      .view-login .container { 
       margin-top: -170px; 
      } 
      .btn { 
       font-size: 13px; 
       padding: 4px 10px 4px; 
      } 
     } 
     <?php if ($debug) : ?> 
      .view-login .container { 
       position: static; 
       margin-top: 20px; 
       margin-left: auto; 
       margin-right: auto; 
      } 
      .view-login .navbar-fixed-bottom { 
       display: none; 
      } 
     <?php endif; ?> 
    </style> 
    <!--[if lt IE 9]> 
     <script src="../media/jui/js/html5.js"></script> 
    <![endif]--> 
</head> 

<body class="site <?php echo $option . " view-" . $view . " layout-" . $layout . " task-" . $task . " itemid-" . $itemid . " ";?>"> 
    <!-- Container --> 
    <div class="container"> 
     <div id="content"> 
      <!-- Begin Content --> 
      <div id="element-box" class="login well"> 
       <img src="<?php echo $this->baseurl; ?>/templates/<?php echo $this->template ?>/images/joomla.png" alt="Joomla!" /> 
       <hr /> 
       <jdoc:include type="message" /> 
       <jdoc:include type="component" /> 
      </div> 
      <noscript> 
       <?php echo JText::_('JGLOBAL_WARNJAVASCRIPT') ?> 
      </noscript> 
      <!-- End Content --> 
     </div> 
    </div> 
    <div class="navbar navbar-fixed-bottom hidden-phone"> 
     <p class="pull-right">&copy; <?php echo $sitename; ?> <?php echo date('Y');?></p> 
     <a class="login-joomla" href="http://www.joomla.org" class="hasTooltip" title="<?php echo JHtml::tooltipText('TPL_ISIS_ISFREESOFTWARE');?>">Joomla!&#174;</a> 
     <a href="<?php echo JUri::root(); ?>" class="pull-left"><i class="icon-share icon-white"></i> <?php echo JText::_('COM_LOGIN_RETURN_TO_SITE_HOME_PAGE') ?></a> 
    </div> 
    <jdoc:include type="modules" name="debug" style="none" /> 
</body> 
</html> 

In /home/societ/societ.us/administrator/templates/isis/index.php

<?php 
/** 
* @package  Joomla.Administrator 
* @subpackage Templates.isis 
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved. 
* @license  GNU General Public License version 2 or later; see LICENSE.txt 
* @since  3.0 
*/ 

defined('_JEXEC') or die; 

$app = JFactory::getApplication(); 
$doc = JFactory::getDocument(); 
$lang = JFactory::getLanguage(); 
$this->language = $doc->language; 
$this->direction = $doc->direction; 
$input = $app->input; 
$user = JFactory::getUser(); 

// Add JavaScript Frameworks 
JHtml::_('bootstrap.framework'); 
$doc->addScript('templates/' .$this->template. '/js/template.js'); 

// Add Stylesheets 
$doc->addStyleSheet('templates/' . $this->template . '/css/template.css'); 

// Load optional RTL Bootstrap CSS 
JHtml::_('bootstrap.loadCss', false, $this->direction); 

// Load specific language related CSS 
$file = 'language/' . $lang->getTag() . '/' . $lang->getTag() . '.css'; 
if (is_file($file)) 
{ 
    $doc->addStyleSheet($file); 
} 

// Detecting Active Variables 
$option = $input->get('option', ''); 
$view  = $input->get('view', ''); 
$layout = $input->get('layout', ''); 
$task  = $input->get('task', ''); 
$itemid = $input->get('Itemid', ''); 
$sitename = $app->getCfg('sitename'); 

$cpanel = ($option === 'com_cpanel'); 

$showSubmenu = false; 
$this->submenumodules = JModuleHelper::getModules('submenu'); 
foreach ($this->submenumodules as $submenumodule) 
{ 
    $output = JModuleHelper::renderModule($submenumodule); 
    if (strlen($output)) 
    { 
     $showSubmenu = true; 
     break; 
    } 
} 

// Logo file 
if ($this->params->get('logoFile')) 
{ 
    $logo = JUri::root() . $this->params->get('logoFile'); 
} 
else 
{ 
    $logo = $this->baseurl . "/templates/" . $this->template . "/images/logo.png"; 
} 

// Template Parameters 
$displayHeader = $this->params->get('displayHeader', '1'); 
$statusFixed = $this->params->get('statusFixed', '1'); 
$stickyToolbar = $this->params->get('stickyToolbar', '1'); 
?> 
<!DOCTYPE html> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $this->language; ?>" lang="<?php echo $this->language; ?>" dir="<?php echo $this->direction; ?>"> 
<head> 
    <meta name="viewport" content="width=device-width, initial-scale=1.0"> 
    <jdoc:include type="head" /> 
    <?php 
    // Template color 
    if ($this->params->get('templateColor')) 
    { 
    ?> 
    <style type="text/css"> 
     .navbar-inner, .navbar-inverse .navbar-inner, .dropdown-menu li > a:hover, .dropdown-menu .active > a, .dropdown-menu .active > a:hover, .navbar-inverse .nav li.dropdown.open > .dropdown-toggle, .navbar-inverse .nav li.dropdown.active > .dropdown-toggle, .navbar-inverse .nav li.dropdown.open.active > .dropdown-toggle, #status.status-top 
     { 
      background: <?php echo $this->params->get('templateColor');?>; 
     } 
     .navbar-inner, .navbar-inverse .nav li.dropdown.open > .dropdown-toggle, .navbar-inverse .nav li.dropdown.active > .dropdown-toggle, .navbar-inverse .nav li.dropdown.open.active > .dropdown-toggle{ 
      -moz-box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2); 
      -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2); 
      box-shadow: 0 1px 3px rgba(0, 0, 0, .25), inset 0 -1px 0 rgba(0, 0, 0, .1), inset 0 30px 10px rgba(0, 0, 0, .2); 
     } 
    </style> 
    <?php 
    } 
    ?> 
    <?php 
    // Template header color 
    if ($this->params->get('headerColor')) 
    { 
    ?> 
    <style type="text/css"> 
     .header 
     { 
      background: <?php echo $this->params->get('headerColor');?>; 
     } 
    </style> 
    <?php 
    } 
    ?> 

    <!-- Sidebar background color --> 
    <?php if ($this->params->get('sidebarColor')) : ?> 
    <style type="text/css"> 
     .nav-list > .active > a, .nav-list > .active > a:hover 
     { 
      background: <?php echo $this->params->get('sidebarColor'); ?>; 
     } 
    </style> 
    <?php endif; ?> 

    <!--[if lt IE 9]> 
     <script src="../media/jui/js/html5.js"></script> 
    <![endif]--> 
</head> 

<body class="admin <?php echo $option . " view-" . $view . " layout-" . $layout . " task-" . $task . " itemid-" . $itemid . " ";?>" <?php if ($stickyToolbar) : ?>data-spy="scroll" data-target=".subhead" data-offset="87"<?php endif;?>> 
    <!-- Top Navigation --> 
    <nav class="navbar navbar-inverse navbar-fixed-top"> 
     <div class="navbar-inner"> 
      <div class="container-fluid"> 
       <?php if ($this->params->get('admin_menus') != '0') : ?> 
        <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> 
         <span class="icon-bar"></span> 
         <span class="icon-bar"></span> 
         <span class="icon-bar"></span> 
        </a> 
       <?php endif; ?> 
       <a class="brand" href="<?php echo JUri::root(); ?>" title="<?php echo JText::sprintf('TPL_ISIS_PREVIEW', $sitename);?>" target="_blank"><?php echo JHtml::_('string.truncate', $sitename, 14, false, false);?> <i class="icon-out-2 small"></i></a> 
       <?php if ($this->params->get('admin_menus') != '0') : ?> 
       <div class="nav-collapse"> 
       <?php else : ?> 
       <div> 
       <?php endif; ?> 
        <jdoc:include type="modules" name="menu" style="none" /> 
        <ul class="<?php if ($this->direction == 'rtl') : ?>nav<?php else : ?>nav pull-right<?php endif; ?>"> 
         <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown" href="#"><?php echo $user->name; ?> <b class="caret"></b></a> 
          <ul class="dropdown-menu"> 
           <li class=""><a href="index.php?option=com_admin&task=profile.edit&id=<?php echo $user->id;?>"><?php echo JText::_('TPL_ISIS_EDIT_ACCOUNT');?></a></li> 
           <li class="divider"></li> 
           <li class=""><a href="<?php echo JRoute::_('index.php?option=com_login&task=logout&'. JSession::getFormToken() .'=1');?>"><?php echo JText::_('TPL_ISIS_LOGOUT');?></a></li> 
          </ul> 
         </li> 
        </ul> 
       </div> 
       <!--/.nav-collapse --> 
      </div> 
     </div> 
    </nav> 
    <!-- Header --> 
    <?php 
    if ($displayHeader): 
    ?> 
    <header class="header"> 
     <div class="container-fluid"> 
      <div class="row-fluid"> 
       <div class="span2 container-logo"> 
        <a class="logo" href="<?php echo $this->baseurl; ?>"><img src="<?php echo $logo;?>" alt="<?php echo $sitename; ?>" /></a> 
       </div> 
       <div class="span10"> 
        <?php if (isset($app->JComponentTitle)) : ?> 
         <h1 class="page-title"><?php echo JHtml::_('string.truncate', $app->JComponentTitle, 0, false, false);?></h1> 
        <?php else : ?> 
         <h1 class="page-title"><?php echo JHtml::_('string.truncate', '', 0, false, false);?></h1> 
        <?php endif; ?> 
       </div> 
      </div> 
     </div> 
    </header> 
    <?php 
    endif; 
    ?> 
    <?php 
    if ((!$statusFixed) && ($this->countModules('status'))): 
    ?> 
    <!-- Begin Status Module --> 
    <div id="status" class="navbar status-top hidden-phone"> 
     <div class="btn-toolbar"> 
      <jdoc:include type="modules" name="status" style="no" /> 
     </div> 
     <div class="clearfix"></div> 
    </div> 
    <!-- End Status Module --> 
    <?php 
    endif; 
    ?> 
    <?php 
    if (!$cpanel): 
    ?> 
    <!-- Subheader --> 
    <a class="btn btn-subhead" data-toggle="collapse" data-target=".subhead-collapse"><?php echo JText::_('TPL_ISIS_TOOLBAR');?> <i class="icon-wrench"></i></a> 
    <div class="subhead-collapse collapse"> 
     <div class="subhead"> 
      <div class="container-fluid"> 
       <div id="container-collapse" class="container-collapse"></div> 
       <div class="row-fluid"> 
        <div class="span12"> 
         <jdoc:include type="modules" name="toolbar" style="no" /> 
        </div> 
       </div> 
      </div> 
     </div> 
    </div> 
    <?php 
    else: 
    ?> 
    <div style="margin-bottom: 20px"></div> 
    <?php 
    endif; 
    ?> 
    <!-- container-fluid --> 
    <div class="container-fluid container-main"> 
     <section id="content"> 
      <!-- Begin Content --> 
      <jdoc:include type="modules" name="top" style="xhtml" /> 
      <div class="row-fluid"> 
       <?php if ($showSubmenu) : ?> 
        <div class="span2"> 
         <jdoc:include type="modules" name="submenu" style="none" /> 
        </div> 
        <div class="span10"> 
       <?php else : ?> 
        <div class="span12"> 
       <?php endif; ?> 
         <jdoc:include type="message" /> 
         <?php 
         // Show the page title here if the header is hidden 
         if (!$displayHeader): 
         ?> 
         <h1 class="content-title"><?php echo JHtml::_('string.truncate', $app->JComponentTitle, 0, false, false);?></h1> 
         <?php 
         endif; 
         ?> 
         <jdoc:include type="component" /> 
        </div> 
      </div> 
      <?php if ($this->countModules('bottom')) : ?> 
       <jdoc:include type="modules" name="bottom" style="xhtml" /> 
      <?php endif; ?> 
      <!-- End Content --> 
     </section> 

     <?php if (!$this->countModules('status') || (!$statusFixed && $this->countModules('status'))) : ?> 
      <footer class="footer"> 
       <p align="center"> 
       <jdoc:include type="modules" name="footer" style="no" /> 
       &copy; <?php echo $sitename; ?> <?php echo date('Y');?></p> 
      </footer> 
     <?php endif; ?> 
    </div> 
    <?php if (($statusFixed) && ($this->countModules('status'))) : ?> 
    <!-- Begin Status Module --> 
    <div id="status" class="navbar navbar-fixed-bottom hidden-phone"> 
     <div class="btn-toolbar"> 
      <div class="btn-group pull-right"> 
       <p><jdoc:include type="modules" name="footer" style="no" /> 
       &copy; <?php echo $sitename; ?> <?php echo date('Y');?></p> 

      </div> 
      <jdoc:include type="modules" name="status" style="no" /> 
     </div> 
    </div> 
    <!-- End Status Module --> 
    <?php endif; ?> 
    <jdoc:include type="modules" name="debug" style="none" /> 
    <?php if ($stickyToolbar) : ?> 
    <script> 
     (function($){ 
      // fix sub nav on scroll 
      var $win = $(window) 
       , $nav = $('.subhead') 
       , navTop = $('.subhead').length && $('.subhead').offset().top - <?php if ($displayHeader || !$statusFixed) : ?>40<?php else:?>20<?php endif;?> 
       , isFixed = 0 

      processScroll() 

      // hack sad times - holdover until rewrite for 2.1 
      $nav.on('click', function() 
      { 
       if (!isFixed) setTimeout(function() { $win.scrollTop($win.scrollTop() - 47) }, 10) 
      }) 

      $win.on('scroll', processScroll) 

      function processScroll() 
      { 
       var i, scrollTop = $win.scrollTop() 
       if (scrollTop >= navTop && !isFixed) 
       { 
        isFixed = 1 
        $nav.addClass('subhead-fixed') 
       } else if (scrollTop <= navTop && isFixed) 
       { 
        isFixed = 0 
        $nav.removeClass('subhead-fixed') 
       } 
      } 
     })(jQuery); 
    </script> 
    <?php endif; ?> 
</body> 
</html> 

Thank you in advance

+0

It will be in one of the template files; it looks more like a joke than a hack - easily bypassed by disabling styles – 2013-09-25 09:00:20

+0

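Of course it's a joke. Any hacker with real intent would do this on the front end, not the back end. Unless, of course, they have planted a plugin that does not show this tag for certain $_GET values, and they want to be able to "control" the site later. – mavrosxristoforos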

+0

Try removing '' from the code and see whether the evil CSS is still there – BrownEyes

Answers

0

It may be injected through <jdoc:include type="head" />

Try removing this line, for debugging purposes, and see whether the 'malicious' CSS is still there.

If not, then the code is in fact injected into this Joomla include. Edit the file that Joomla calls for the head:

/libraries/joomla/document/html/renderer/head.php 

and try to look for anything unusual.

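If for some reason you do not want to fix this manually, try reinstalling Joomla over the existing site (taking care not to overwrite the current configs, database and templates); I believe that will solve the problem.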

+0

Actually I did not find the code in that file, but I will try searching more of the files included from head.php. Thanks for your help –

0

If you can't see it in the files, neither can we...
The hacker may have modified hundreds of files.

It looks like it is something inside the template, but it could be as simple as an administrator plugin.

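Use Inspect Element in Firefox or Chrome and remove the HTML style. Log in to your administrator, and keep removing the HTML style manually until you find out what the hacker did.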

+0

Or you could override the CSS.... that is a more realistic way to solve this problem – BrownEyes

+0

The user can't seem to find the CSS in the first place, and it is loaded by the "hacker" *after* his own template.css. – mavrosxristoforos

+1

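@NickB - Good idea, but if it were me, I would rather find the file causing the actual problem than use a simple fix that could be overwritten in the future. – Lodder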
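
Added example (not part of the original thread, and not Joomla's own code): since the injected rule could sit in any of hundreds of files, one way to locate it is to diff the live tree against a pristine copy of the same Joomla release and search every file for the rule quoted in the question. The names `audit`, `demo` and `SKIP`, and the two tiny sample trees, are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# The CSS rule quoted in the question, matched with flexible whitespace.
INJECTED = re.compile(rb"html\s*\{\s*display\s*:\s*none\s*;?\s*\}", re.I)
SKIP = {"configuration.php"}  # assumption: site-specific, expected to differ


def audit(site_root, clean_root):
    """Compare a live tree with a pristine copy of the same Joomla release.

    Returns (modified, added, hits): files whose content differs from the
    clean copy, files present only on the live site, and a map of
    file -> line numbers where the injected rule appears.
    """
    site_root, clean_root = Path(site_root), Path(clean_root)
    modified, added, hits = [], [], {}
    for path in sorted(p for p in site_root.rglob("*") if p.is_file()):
        rel = path.relative_to(site_root).as_posix()
        data = path.read_bytes()
        # Search the whole file so a rule split across lines is still found.
        found = [data.count(b"\n", 0, m.start()) + 1
                 for m in INJECTED.finditer(data)]
        if found:
            hits[rel] = found
        if rel in SKIP:
            continue
        reference = clean_root / rel
        if not reference.is_file():
            added.append(rel)       # not shipped with the release
        elif reference.read_bytes() != data:
            modified.append(rel)    # shipped, but content changed
    return modified, added, hits


def demo():
    """Run the audit on two tiny constructed trees (not real Joomla files)."""
    head = "libraries/joomla/document/html/renderer/head.php"
    clean = {head: b"<?php\n// renderer\n", "index.php": b"<?php\n"}
    live = dict(clean)
    live[head] = b"<?php\n// renderer\necho '<style>html { display:none }</style>';\n"
    live["plugins/system/x/x.php"] = b"<?php // file absent from the release\n"
    with tempfile.TemporaryDirectory() as tmp:
        for name, tree in (("clean", clean), ("live", live)):
            for rel, body in tree.items():
                target = Path(tmp, name, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(body)
        return audit(Path(tmp, "live"), Path(tmp, "clean"))
```

On a real site, files listed as added deserve the same attention as modified ones, and an empty `hits` map with the rule still rendered suggests it comes from the database or is assembled at runtime rather than stored literally in a file.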