/content-scan.sh
Created Jun 1, 2017
| #!/bin/bash | |
| # Find files that contain suspicious php code | |
| grep -RE 'preg_replace\(|eval\(|base64_decode\(' --include='*.php' . | cut -d: -f 1 | sort -u | while read line ; do echo $line | cat - $line | less ; done |
| #!/bin/bash | |
| # This script scans for rogue php files using neopi.py (https://github.com/Neohapsis/NeoPI) | |
| # To download neopi: | |
| # wget https://raw.githubusercontent.com/Neohapsis/NeoPI/master/neopi.py | |
| # chmod +x neopi.py | |
| ./neopi.py -aA . | awk {' print $2 '} | grep "\./" | sort | uniq -c | sort -nr | awk {' print $2 '} | while read line; do (echo $line;echo;cat $line)|less; done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment