edb2-w
Last Updated: February 25, 2016
·
4.798K
· derrybirkett
Drb

Scanning for PHP malware backdoors

Every Wordpress bod is going to encounter some malware or security issues. Here are some common tricks to find the backdoor.

Find common backdoors

</>grep -ri "eval" [path]

</>grep -ri "base64_decode" [path]

Find recently modified files

</>find -type f -ctime -0 | more

The -type looks for files, and -ctime restricts your scan to the last 24 hours. You can look at the last 24 or 48 hours by specifying -1 or -2, respectively.

Find PHP files in uploads (for wordpress)

</>find uploads -name "*.php" -print

Say Thanks
Respond