SELECT data_key, data_value
FROM xf_data_registry
WHERE data_key IN ('options', 'languages', 'contentTypes', 'codeEventListeners', 'deferredRun', 'simpleCache', 'addOns', 'defaultStyleProperties', 'routeFiltersIn', 'routeFiltersOut', 'routesPublic', 'nodeTypes', 'bannedIps', 'discouragedIps', 'styles', 'displayStyles', 'userBanners', 'smilies', 'bbCode', 'threadPrefixes', 'userTitleLadder', 'reportCounts', 'moderationCounts', 'userModerationCounts', 'notices', 'userFieldsInfo')
Run Time: 0.000544
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | xf_data_registry | range | PRIMARY | PRIMARY | 27 | | 26 | Using where |
SELECT data_key, data_value
FROM xf_data_registry
WHERE data_key IN ('brListenerClasses', 'brBriviumAddOns')
Run Time: 0.000147
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | xf_data_registry | range | PRIMARY | PRIMARY | 27 | | 2 | Using where |
SELECT *
FROM xf_brivium_addon
ORDER BY addon_id
Run Time: 0.000162
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | xf_brivium_addon | index | | PRIMARY | 77 | | 1 | |
INSERT INTO xf_data_registry
(data_key, data_value)
VALUES
(?, ?)
ON DUPLICATE KEY UPDATE
data_value = VALUES(data_value)
Params: brBriviumAddOns, a:0:{}
Run Time: 0.000128
SELECT cache_value
FROM xf_permission_combination
WHERE permission_combination_id = ?
Params: 1
Run Time: 0.000148
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | xf_permission_combination | const | PRIMARY | PRIMARY | 4 | const | 1 | |
SELECT thread.*
,
user.gender, user.avatar_date, user.gravatar,
NULL AS thread_read_date,
0 AS thread_reply_banned,
0 AS thread_is_watched,
'' AS draft_message, NULL AS draft_extra
FROM xf_thread AS thread
LEFT JOIN xf_user AS user ON
(user.user_id = thread.user_id)
WHERE thread.thread_id = ?
Params: 221638
Run Time: 0.000425
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | thread | const | PRIMARY | PRIMARY | 4 | const | 1 | |
SIMPLE | user | const | PRIMARY | PRIMARY | 4 | const | 1 | |
SELECT node.*, forum.*
,
permission.cache_value AS node_permission_cache,
NULL AS forum_read_date
FROM xf_forum AS forum
INNER JOIN xf_node AS node ON (node.node_id = forum.node_id)
LEFT JOIN xf_permission_cache_content AS permission
ON (permission.permission_combination_id = 1
AND permission.content_type = 'node'
AND permission.content_id = forum.node_id)
WHERE node.node_id = ?
Params: 25
Run Time: 0.000392
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | forum | const | PRIMARY | PRIMARY | 4 | const | 1 | |
SIMPLE | node | const | PRIMARY | PRIMARY | 4 | const | 1 | |
SIMPLE | permission | const | PRIMARY | PRIMARY | 35 | const,const,const | 1 | |
SELECT post.*
,
thread.*, thread.user_id AS thread_user_id, thread.username AS thread_username,
thread.post_date AS thread_post_date,
post.user_id, post.username, post.post_date,
bb_code_parse_cache.parse_tree AS message_parsed, bb_code_parse_cache.cache_version AS message_cache_version,
user.*, IF(user.username IS NULL, post.username, user.username) AS username,
user_profile.*,
user_privacy.*,
signature_parse_cache.parse_tree AS signature_parsed, bb_code_parse_cache.cache_version AS signature_cache_version,
session_activity.view_date AS last_view_date,
0 AS like_date
FROM xf_post AS post
INNER JOIN xf_thread AS thread ON
(thread.thread_id = post.thread_id)
LEFT JOIN xf_bb_code_parse_cache AS bb_code_parse_cache ON
(bb_code_parse_cache.content_type = 'post' AND bb_code_parse_cache.content_id = post.post_id)
LEFT JOIN xf_user AS user ON
(user.user_id = post.user_id)
LEFT JOIN xf_user_profile AS user_profile ON
(user_profile.user_id = post.user_id)
LEFT JOIN xf_user_privacy AS user_privacy ON
(user_privacy.user_id = post.user_id)
LEFT JOIN xf_bb_code_parse_cache AS signature_parse_cache ON
(signature_parse_cache.content_type = 'signature' AND signature_parse_cache.content_id = post.user_id)
LEFT JOIN xf_session_activity AS session_activity ON
(post.user_id > 0 AND session_activity.user_id = post.user_id AND session_activity.unique_key = CAST(post.user_id AS BINARY))
WHERE (
(post.thread_id = ? AND (post.position >= 0 AND post.position < 10) )
)
AND (post.message_state IN ('visible'))
ORDER BY post.position ASC, post.post_date ASC
Params: 221638
Run Time: 0.001825
Select Type | Table | Type | Possible Keys | Key | Key Len | Ref | Rows | Extra |
---|
SIMPLE | thread | const | PRIMARY | PRIMARY | 4 | const | 1 | Using filesort |
SIMPLE | post | ref | thread_id_post_date,thread_id_position | thread_id_post_date | 4 | const | 1 | Using index condition; Using where |
SIMPLE | bb_code_parse_cache | eq_ref | content_type_id | content_type_id | 31 | const,xenforo.cc.post.post_id | 1 | Using where |
SIMPLE | user | eq_ref | PRIMARY | PRIMARY | 4 | xenforo.cc.post.user_id | 1 | |
SIMPLE | user_profile | eq_ref | PRIMARY | PRIMARY | 4 | xenforo.cc.post.user_id | 1 | |
SIMPLE | user_privacy | eq_ref | PRIMARY | PRIMARY | 4 | xenforo.cc.post.user_id | 1 | |
SIMPLE | signature_parse_cache | eq_ref | content_type_id | content_type_id | 31 | const,xenforo.cc.post.user_id | 1 | Using where |
SIMPLE | session_activity | eq_ref | PRIMARY | PRIMARY | 22 | xenforo.cc.post.user_id,func | 1 | Using where |
INSERT INTO xf_thread_view
(thread_id)
VALUES
(?)
Params: 221638
Run Time: 0.000098
INSERT INTO `xf_session` (`session_id`, `session_data`, `expiry_date`) VALUES (?, ?, ?)
Params: 213cc716cd7ffe60f29093fb550f320e, , 1714367502
Run Time: 0.000912
INSERT INTO xf_session_activity
(user_id, unique_key, ip, controller_name, controller_action, view_state, params, view_date, robot_key)
VALUES
(?, ?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
ip = VALUES(ip),
controller_name = VALUES(controller_name),
controller_action = VALUES(controller_action),
view_state = VALUES(view_state),
params = VALUES(params),
view_date = VALUES(view_date),
robot_key = VALUES(robot_key)
Params: 0, , , XenForo_ControllerPublic_Thread, Index, valid, thread_id=221638, 1714363902,
Run Time: 0.000329
INSERT INTO xf_bb_code_parse_cache
(content_type, content_id, parse_tree, cache_version, cache_date)
VALUES (?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE parse_tree = VALUES(parse_tree),
cache_version = VALUES(cache_version),
cache_date = VALUES(cache_date)
Params: post, 227143, a:18:{i:0;a:4:{s:3:"tag";s:1:"b";s:6:"option";N;s:8:"original";a:2:{i:0;s:3:"[B]";i:1;s:4:"[/B]";}s:8:"children";a:1:{i:0;s:104:"微软终于为Office 2016引入了一项可让用于远离宏恶意软件攻击的重要安全特性。";}}i:1;s:310:"多年以来,“宏病毒”一直是Office套件的一个硬伤。尽管宏操作可以带来诸多便利,但是也有许多攻击者将目光瞄上了它,相信很多人都有在Word、Excel和PowerPoint中见到过“宏”的身影。通常情况下,攻击者们会通过垃圾邮件来传播。
";i:2;a:4:{s:3:"tag";s:6:"center";s:6:"option";N;s:8:"original";a:2:{i:0;s:8:"[CENTER]";i:1;s:9:"[/CENTER]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:132:"http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-4.png";s:8:"original";a:2:{i:0;s:140:"[URL='http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-4.png']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"img";s:6:"option";N;s:8:"original";a:2:{i:0;s:5:"[IMG]";i:1;s:6:"[/IMG]";}s:8:"children";a:1:{i:0;s:65:"http://static.cnbetacdn.com/article/2016/0323/60d45009b802120.png";}}}}}}i:3;s:369:"
为了引诱人们下载并打开带毒附件,攻击者还会在描述中附上欺骗性的描述(社会工程学),以便在Office软件提示文件含有不明宏操作时仍然选择放行。
对于安全很敏感的用户,会立即发现问题并远离之。但考虑到大多数人并不是这方面的专家,中招的受害人还是不胜枚举。
";i:4;a:4:{s:3:"tag";s:6:"center";s:6:"option";N;s:8:"original";a:2:{i:0;s:8:"[CENTER]";i:1;s:9:"[/CENTER]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:132:"http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-2.png";s:8:"original";a:2:{i:0;s:140:"[URL='http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-2.png']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"img";s:6:"option";N;s:8:"original";a:2:{i:0;s:5:"[IMG]";i:1;s:6:"[/IMG]";}s:8:"children";a:1:{i:0;s:65:"http://static.cnbetacdn.com/article/2016/0323/d6c4441518c11cc.png";}}}}}}i:5;s:89:"
在成功欺骗并取得运行权限之后,有些宏恶意软件会尝试联系远程";i:6;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:31:"http://click.aliyun.com/m/1423/";s:8:"original";a:2:{i:0;s:39:"[URL='http://click.aliyun.com/m/1423/']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;s:9:"服务器";}}i:7;s:119:"并加载各种类型的恶意操作内容,比如间谍软件、广告软件、甚至勒索软件。
不过现在,";i:8;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:65:"http://clkde.tradedoubler.com/click?p=235167&a=2355305&g=21862034";s:8:"original";a:2:{i:0;s:73:"[URL='http://clkde.tradedoubler.com/click?p=235167&a=2355305&g=21862034']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;s:6:"微软";}}i:9;s:187:"已经宣布了一项新功能,作为Office 2016的一项新功能,系统管理员可以阻断不可信来源的宏文件了(大多数都配置为需要互联网访问权限)。
";i:10;a:4:{s:3:"tag";s:6:"center";s:6:"option";N;s:8:"original";a:2:{i:0;s:8:"[CENTER]";i:1;s:9:"[/CENTER]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:132:"http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-3.png";s:8:"original";a:2:{i:0;s:140:"[URL='http://i1-news.softpedia-static.com/images/news2/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058-3.png']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;a:4:{s:3:"tag";s:3:"img";s:6:"option";N;s:8:"original";a:2:{i:0;s:5:"[IMG]";i:1;s:6:"[/IMG]";}s:8:"children";a:1:{i:0;s:65:"http://static.cnbetacdn.com/article/2016/0323/d7fd77a059f4683.png";}}}}}}i:11;s:177:"
在网络管理员在安装Office 2016并配置了这一保护措施之后,用户在尝试启用文件宏时,就会看到“内容被阻止”的红色警告提示栏。
";i:12;a:4:{s:3:"tag";s:1:"b";s:6:"option";N;s:8:"original";a:2:{i:0;s:3:"[B]";i:1;s:4:"[/B]";}s:8:"children";a:1:{i:0;s:33:"下面是具体的操作步骤:";}}i:13;s:2:"
";i:14;a:4:{s:3:"tag";s:6:"indent";s:6:"option";N;s:8:"original";a:2:{i:0;s:8:"[INDENT]";i:1;s:9:"[/INDENT]";}s:8:"children";a:9:{i:0;s:23:"
(1)从微软官网";i:1;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:62:"https://www.microsoft.com/en-us/download/details.aspx?id=49030";s:8:"original";a:2:{i:0;s:70:"[URL='https://www.microsoft.com/en-us/download/details.aspx?id=49030']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;s:6:"下载";}}i:2;s:11:"Office 2016";i:3;a:4:{s:3:"tag";s:1:"b";s:6:"option";N;s:8:"original";a:2:{i:0;s:3:"[B]";i:1;s:4:"[/B]";}s:8:"children";a:1:{i:0;s:18:"管理模板文件";}}i:4;s:18:"(ADMX/ADML)和";i:5;a:4:{s:3:"tag";s:1:"b";s:6:"option";N;s:8:"original";a:2:{i:0;s:3:"[B]";i:1;s:4:"[/B]";}s:8:"children";a:1:{i:0;s:18:"Office定制工具";}}i:6;s:18:";
(2)打开";i:7;a:4:{s:3:"tag";s:1:"b";s:6:"option";N;s:8:"original";a:2:{i:0;s:3:"[B]";i:1;s:4:"[/B]";}s:8:"children";a:1:{i:0;s:18:"组策略管理器";}}i:8;s:472:",点击‘开始’->‘控制面板’->‘管理员工具’->‘组策略管理’;
(3)定位并右键点击需要配置编辑的‘组策略对象’;
(4)选择‘组策略管理编辑器’->‘用户配置’(如上图所示);
(5)选择‘管理员模板’->‘Microsoft Word 2016’->‘Word选项’->‘安全’->‘信任中心’;
(6)打开‘组织需要连接互联网运行的Office宏文件’选项,配置并启用。
";}}i:15;s:15:"
[编译自:";i:16;a:4:{s:3:"tag";s:3:"url";s:6:"option";s:114:"http://news.softpedia.com/news/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058.shtml";s:8:"original";a:2:{i:0;s:122:"[URL='http://news.softpedia.com/news/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058.shtml']";i:1;s:6:"[/URL]";}s:8:"children";a:1:{i:0;s:10:"Soft Pedia";}}i:17;s:1:"]";}, 1621686945, 1714363902
Run Time: 0.000910