Satış ve Destek +90 (216) 521 78 00

Sepetim Giriş Yap | Kayıt Ol
Tenik Data
How to find malicious code on website - TeknikDATA Hosting Hizmetleri

Bilgi Merkezi

Ana sayfa > Bilgi Merkezi > English > cPanel > cPanel > How to find malicious code on website

How to find malicious code on website

We can use malicious commands and Maldet tool, ClamAV to find malicious code on your website content.

Here is a little piece of code that I run. It searches within cgi and php files for certain strings, and then places the file name within another file so that you can go through them:

find /home/ \( -name “*.cgi” -o -name “*.php” \) -print0 | xargs -0 egrep -l ‘c99shell|r57shell|WebShell|phpshell|shell|c100|base64′ >> /root/report

netstat -anp : Look for programs attached to ports that you did not install / authorize

find / ( -perm -a+w ) ! -type l >> world_writable.txt : Look at world_writable.txt to see all world writable files and directories. This will reveal locations where an attacker can store files on your system. NOTE: Fixing permissions on some PHP/CGI scripts that are not properly coded will break them.

find / -nouser -o -nogroup >> no_owner.txt : Look at no_owner for all files that do not have a user or group associated with them. All files should be owned by a specific user or group to restrict access to them.

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. Please use the following link to download and install Maldet.

http://www.rfxn.com/projects/linux-malware-detect/

Download malware detect

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz 
tar -zxvf maldetect-current.tar.gz 
cd maldetect-1.4.2/

./install.sh

Once installation completed.

try to scan your files.

maldet -a /home/?/public_html

This will scan all your account files… This should preferred with screen.

To scan one particular folder, use this option.

maldet -a /home/testuser

ClamAV

Simply log into WHM, go to the cPanel section and click “Plugins.” Check the box next to “clamavconnector” and click save at the bottom of the page. This will install ClamAV.

Update antivirus database:

freshclam

Scan a directory and print out infected files:

clamav -ri /home

Scan a directly and remove infected files and emails:

clamav -ri –remove /home

Bulut Hosting Bireysel Hosting Kurumsal Hosting Bayi Hosting Uygulama Hosting Wordpress Hosting Joomla Hosting Drupal Hosting E-Ticaret Hosting Haber Hosting Veritabanı Hosting MySQL Hosting MongoDB Hosting PostgreSQL Hosting
Bulut Sunucu Bulut Sunucu Sunucu Barındırma Sunucu Kiralama Sunucu Yük Dengeleyici Bulut Sunucu Standart Bulut Sunucu Enterprise Bulut Sunucu SSD Premium Bulut Sunucu Sunucu Yük Dengeleyici Kiralama Güvenlik Duvarı Kiralama
Kurumsal Email Sunucu Standart Email Sunucu Professional Email Sunucu Enterprise Email Sunucu Bulut Email Bulut E-Posta Hosting Hosted Zimbra Spam/Virüs Gateway Mail Back Up Smart Host ETRN Hizmeti E-Posta Servisleri
Domain Alan Adı Tescil Alan Adı Transfer Alan Adı Yenileme TÜrkçe Alan Adı Kayıt Marka Tescil Marka Tescil Başvuru
CDN Çözümleri Statik Cache Hizmeti İçerik Hızlandırma Coğrafi İçerik Dağıtımı CDN Depolama SSL Sertifika Comodo SSL QuickSSL True BusinessID SSL

LiveZilla Live Help