Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Search directory for PHP files containing malicious code
## eval() is used to executed shell commands through PHP
grep -ri "eval(" $PWD --include *.php
## exec() is used to executed shell commands through PHP
grep -ri "exec(" $PWD --include *.php
## Malicious code is often obfuscated through base64 encoding
grep -ri "base64" $PWD --include *.php
## Malicious code is often obfuscated through gzip
grep -ri "gzinflate" $PWD --include *.php
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment