Jump to content
Vlachs

shell finder

By Vlachs, in Programare

Recommended Posts

Vlachs Newbie

Vlachs

Posted
Posted 

#!/usr/bin/env bash
# Identifies instances of the c99Shell PHP trojan within PHP files

FIND_LOC=${1:-/var/www/html/} # Root the find by the a directory provided as argument or default to root
echo "Starting search from $FIND_LOC..."
find $FIND_LOC -type f -iname '*.php' -exec grep -qi 'C99Shell' '{}' \; -print
echo "Complete"

sudo find <search dirs here>/* -exec /bin/bash -c 'egrep -l "(\/tmp\/cmdtemp|SnIpEr_SA|Bhlynx|x2300|c99shell|r57shell|milw0rm|g00nshell|locus7|MyShell|PHP\ Shell|phpshell|PHPShell|PHPKonsole|Haxplorer|phpRemoteView|w4ck1ng|PHP-Proxy|Locus7s|ccteam|phpConfigSpy|RAPIDLEECH|replyto.txt)" "$1" >> <your dir here>/shellcheck.cz' -- "{}" \;

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...