hn-support/content-scan.sh

## content-scan.sh
#!/bin/bash
# Find files that contain suspicious php code
grep -RE 'preg_replace\(|eval\(|base64_decode\(' --include='*.php' . | cut -d: -f 1 | sort -u | while read line ; do echo $line | cat - $line | less ; done

## neo-scan.sh
#!/bin/bash
# This script scans for rogue php files using neopi.py (https://github.com/Neohapsis/NeoPI)
# To download neopi:
# wget https://raw.githubusercontent.com/Neohapsis/NeoPI/master/neopi.py
# chmod +x neopi.py
./neopi.py -aA . | awk {' print $2 '} | grep "\./" | sort | uniq -c | sort -nr | awk {' print $2 '} | while read line; do (echo $line;echo;cat $line)|less; done
	#!/bin/bash
	# Find files that contain suspicious php code
	grep -RE 'preg_replace\(\|eval\(\|base64_decode\(' --include='*.php' . \| cut -d: -f 1 \| sort -u \| while read line ; do echo $line \| cat - $line \| less ; done
	#!/bin/bash
	# This script scans for rogue php files using neopi.py (https://github.com/Neohapsis/NeoPI)
	# To download neopi:
	# wget https://raw.githubusercontent.com/Neohapsis/NeoPI/master/neopi.py
	# chmod +x neopi.py
	./neopi.py -aA . \| awk {' print $2 '} \| grep "\./" \| sort \| uniq -c \| sort -nr \| awk {' print $2 '} \| while read line; do (echo $line;echo;cat $line)\|less; done