José Daniel Paternina josedaniel

## gist:1515478
123456789
12345678
11111111
dearbook
00000000
123123123
1234567890
88888888
111111111
147258369

## commands-to-find-malware.sh
# files modified within 30 days.
find /home/mywebsite -type f -name "*.php" -ctime -30

# find for suspicious strings
find ./ -name "*.php" -type f |  xargs sed -i 's#<?php /\*\*/ eval(base64_decode("aWY.*?>##g' 2>&1
find ./ -name "*.php" -type f |  xargs sed -i '/./,$!d' 2>&1

# grep for suspicious and very long strings
grep -R "document.write(unescape" *
grep -iR --include "*.js" "[a-zA-Z0-9\/\+]\{255,\}" *

## README.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                josedaniel
                / README.md
            
            
              Created
              February 10, 2014 23:06
                — forked from oodavid/README.md
            
          
    Deploy your site with git

This gist assumes:

you have a local git repo
with an online remote repository (github / bitbucket etc)
and a cloud server (Rackspace cloud / Amazon EC2 etc)

your (PHP) scripts are served from /var/www/html/
your webpages are executed by apache


apache's home directory is /var/www/
	123456789
	12345678
	11111111
	dearbook
	00000000
	123123123
	1234567890
	88888888
	111111111
	147258369
	# files modified within 30 days.
	find /home/mywebsite -type f -name "*.php" -ctime -30

	# find for suspicious strings
	find ./ -name ".php" -type f \| xargs sed -i 's#<?php /\\/ eval(base64_decode("aWY.?>##g' 2>&1
	find ./ -name "*.php" -type f \| xargs sed -i '/./,$!d' 2>&1

	# grep for suspicious and very long strings
	grep -R "document.write(unescape" *
	grep -iR --include ".js" "[a-zA-Z0-9\/\+]\{255,\}"