Mencari file inject di webserver

February 22, 2010   admin   1 Comment

scanning

OK langsung saja, command berikut adalah yang biasa saya pakai untuk scanning php file inject di webserver FreeBSD. Saya catat di sini biar gak lupa. :D
1. Scanning php files dalam path si username dan mencari 1 kata / strings dalam files php sesuai dengan kata yang kita cari:

server2# find /home/username/ -name "*".php -type f -print0| xargs -0 grep "powered by rapidleech" | uniq -c | sort -u | cut -d":" -f1 | awk '{print "Warning - please check this files " $2}' | uniq

2. Scanning php files dalam path si username dan beberapa kata / strings dalam files php:

server2# find /home/username/ -name "*".php -type f -print0| xargs -0 egrep "rapidleech|c99|r57" | uniq -c | sort -u | cut -d":" -f1 | awk '{print "Warning - please check this files " $2}' | uniq

Tambahan…

3. Kill multiple process di FreeBSD

server2# ps -aux | grep "/usr/sbin/httpd" | awk '{print $2}' | xargs kill

Bash command tutorial di dapat dari diskusiwebhosting.com dan giest.org

Related Posts:

Posted in: Tips and Trick, Webserver   Tags: , ,

One Response to Mencari file inject di webserver

  1. raksa says:
    3 March 2010 at 4:48 pm

    belum ngerti maksudnya gan…. soallnya wa masih cupu :)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>