被恶意注入钓鱼网站链接

当游览blog时,发现网站左上角有奇怪的link,点进去后竟是黄网。。。想了想这几天没点什么不正常的网站呀,前几天还是好好的,啥情况。。。😓

我需要找到这个link在哪里,经过TS排查,发现link只会出现在我现有这个主题下,换主题就没问题了,所以我去blog管理台找,发现找不到。。。后来登录我的vps,用下面方式找到,注:网站名称已被我隐去:

[root@frank wordpress_data]# find . | xargs grep -ri "xxxx"
./wp-content/themes/page-shippou/header.php:<div id="1049"><a href="https://xxxx.com">xxx voglio</a></div>
./wp-content/themes/page-shippou/header.php:<div id="1049"><a href="https://xxxx.com">xxx voglio</a></div>
./wp-content/themes/page-shippou/header.php:<div id="1049"><a href="https://xxxx.com">xxx voglio</a></div>
./wp-content/themes/page-shippou/header.php:<div id="1049"><a href="https://xxxx.com">xxx voglio</a></div>
./wp-content/themes/page-shippou/header.php:<div id="1049"><a href="https://xxxx.com">xxx voglio</a></div>
grep: ./wp-content/plugins/backupwordpress/vendor/symfony/finder/Tests/Fixtures/with: No such file or directory
grep: space: No such file or directory
grep: ./wp-content/plugins/backupwordpress/vendor/symfony/finder/Tests/Fixtures/with: No such file or directory
grep: space/foo.txt: No such file or directory

现在才发现wordpress控制台下search不太好使呀。。。按照路径找到文件,找到下面内容删掉后恢复,然后赶紧改admin密码😅,先观察几天再说:

1+
你可以留言,或者trackback 从你的网站

留言哦

blonde teen swallows load.xxx videos