惊爆:宝塔面板留后门搜集隐私信息,附紧急修复方案
宝塔面板7.7.0https://github.com/8838/btpanel-v7.7.0
[*]curl -sSO https://raw.githubusercontent.co ... ll/install_panel.sh && bash install_panel.sh
[*]
[*]1,屏蔽手机号
[*]sed -i "s|bind_user == 'True'|bind_user == 'XXXX'|" /www/server/panel/BTPanel/static/js/index.js
[*]2,删除强制绑定手机js文件
[*]rm -f /www/server/panel/data/bind.pl
[*]3,手动解锁宝塔所有付费插件为永不过期
[*]文件路径:/www/server/panel/data/plugin.json
[*]搜索字符串:"endtime": -1全部替换为"endtime": 999999999999
[*]4,给plugin.json文件上锁防止自动修复为免费版
[*]chattr +i /www/server/panel/data/plugin.json
[*]
echo "" > /www/server/panel/script/site_task.py
chattr +i /www/server/panel/script/site_task.py
rm -rf /www/server/panel/logs/request/*
chattr +i -R /www/server/panel/logs/request
页:
[1]