[Share] How to fix the Discuz memcache+ssrf GETSHELL vulnerability flagged by Alibaba Cloud

Posted on 2017-11-15 11:53:55 | From Xinxiang, Henan, China
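Recently, many site owners hosted on Alibaba Cloud have received a vulnerability notice from Alibaba Cloud. The vulnerability is named:
Discuz memcache+ssrf GETSHELL vulnerability
Here is a simple fix.
First, locate this file:
source/function/function_core.php
Search for this code: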
function output_replace($content) {
    global $_G;
    if(defined('IN_MODCP') || defined('IN_ADMINCP')) return $content;
    // Plain string replacements taken from the site settings
    if(!empty($_G['setting']['output']['str']['search'])) {
        if(empty($_G['setting']['domain']['app']['default'])) {
            $_G['setting']['output']['str']['replace'] = str_replace('{CURHOST}', $_G['siteurl'], $_G['setting']['output']['str']['replace']);
        }
        $content = str_replace($_G['setting']['output']['str']['search'], $_G['setting']['output']['str']['replace'], $content);
    }
    // Regex replacements taken from the site settings
    if(!empty($_G['setting']['output']['preg']['search']) && (empty($_G['setting']['rewriteguest']) || empty($_G['uid']))) {
        if(empty($_G['setting']['domain']['app']['default'])) {
            $_G['setting']['output']['preg']['search'] = str_replace('\{CURHOST\}', preg_quote($_G['siteurl'], '/'), $_G['setting']['output']['preg']['search']);
            $_G['setting']['output']['preg']['replace'] = str_replace('{CURHOST}', $_G['siteurl'], $_G['setting']['output']['preg']['replace']);
        }

        foreach($_G['setting']['output']['preg']['search'] as $key => $value) {
            // The replace string from the settings is compiled into a PHP callback
            $content = preg_replace_callback($value, create_function('$matches', 'return '.$_G['setting']['output']['preg']['replace'][$key].';'), $content);
        }
    }

    return $content;
}
Add one line of code, as shown below:
function output_replace($content) {
    global $_G;
    if(defined('IN_MODCP') || defined('IN_ADMINCP')) return $content;
    // Plain string replacements taken from the site settings
    if(!empty($_G['setting']['output']['str']['search'])) {
        if(empty($_G['setting']['domain']['app']['default'])) {
            $_G['setting']['output']['str']['replace'] = str_replace('{CURHOST}', $_G['siteurl'], $_G['setting']['output']['str']['replace']);
        }
        $content = str_replace($_G['setting']['output']['str']['search'], $_G['setting']['output']['str']['replace'], $content);
    }
    // Regex replacements taken from the site settings
    if(!empty($_G['setting']['output']['preg']['search']) && (empty($_G['setting']['rewriteguest']) || empty($_G['uid']))) {
        if(empty($_G['setting']['domain']['app']['default'])) {
            $_G['setting']['output']['preg']['search'] = str_replace('\{CURHOST\}', preg_quote($_G['siteurl'], '/'), $_G['setting']['output']['preg']['search']);
            $_G['setting']['output']['preg']['replace'] = str_replace('{CURHOST}', $_G['siteurl'], $_G['setting']['output']['preg']['replace']);
        }

        if (preg_match("(/|#|\+|%).*(/|#|\+|%)e", $_G['setting']['output']['preg']['search']) !== FALSE) { die("request error"); } // this line is the newly added code

        foreach($_G['setting']['output']['preg']['search'] as $key => $value) {
            // The replace string from the settings is compiled into a PHP callback
            $content = preg_replace_callback($value, create_function('$matches', 'return '.$_G['setting']['output']['preg']['replace'][$key].';'), $content);
        }
    }

    return $content;
}
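Then save the modified file and upload it to the server directory, overwriting the original. Next, go to the corresponding vulnerability alert in Alibaba Cloud and click "Verify"; after verification, the alert will disappear.
Problem solved!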
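
preg_match() takes one string subject, while the loop in output_replace() iterates $_G['setting']['output']['preg']['search'] as an array of patterns, so a check for the "e" modifier has to look at each entry separately. The following is an added example of such a per-entry check, not Discuz! code and not code from the post above; the function name find_eval_modifier_patterns and the sample patterns are assumptions made for illustration.

```php
<?php
// Added example, not Discuz! code. Function name and sample data are hypothetical.

/**
 * Return the entries of a preg search list that carry the "e" (eval) modifier
 * or that cannot be parsed as "<delimiter>pattern<delimiter>modifiers".
 */
function find_eval_modifier_patterns($patterns)
{
    // Bracket-style opening delimiters close with their counterpart.
    $closing = array('(' => ')', '[' => ']', '{' => '}', '<' => '>');
    $flagged = array();
    foreach ((array) $patterns as $key => $pattern) {
        $pattern = is_string($pattern) ? ltrim($pattern) : '';
        $open = substr($pattern, 0, 1);
        // PCRE delimiters may not be alphanumeric or a backslash.
        if ($pattern === '' || ctype_alnum($open) || $open === '\\') {
            $flagged[$key] = 'unparseable';
            continue;
        }
        $close = isset($closing[$open]) ? $closing[$open] : $open;
        $end = strrpos($pattern, $close);
        if ($end === false || $end === 0) {
            $flagged[$key] = 'unparseable';
            continue;
        }
        // Everything after the final delimiter is the modifier string.
        $modifiers = substr($pattern, $end + 1);
        if (strpos($modifiers, 'e') !== false) {
            $flagged[$key] = 'eval modifier';
        }
    }
    return $flagged;
}

// Constructed sample values standing in for $_G['setting']['output']['preg']['search'].
$search = array(
    'forum'  => '/<a href="forum\.php\?mod=forumdisplay&fid=(\d+)"/',
    'thread' => '#<a href="thread-(\d+)\.html"#i',
    'bad'    => '/.*/e',
    'bad2'   => '#x#ie',
);

foreach (find_eval_modifier_patterns($search) as $key => $reason) {
    echo "rejected preg search entry [$key]: $reason\n";
}
```

With the constructed list above, only the 'bad' and 'bad2' entries are reported; a site would run such a check before the foreach loop and stop rendering when the returned array is not empty.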
