phlbnks
/ gform_clamav.php
Created
August 8, 2016 17:21
Scan Gravity Forms uploads with ClamAV - WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Scan Gravity Forms uploads with ClamAV | |
| * Based on 'Custom Scan AV function by Kris Chase' | |
| * https://krischase.com/detect-and-prevent-malware-in-gravity-forms-file-upload-with-php-clamav/ | |
| * Requires clamav and php-clamav installed and enabled | |
| */ | |
| function myfunc_uploads_clamav( $validation_result ) { | |
| if ( $_FILES ) { | |
| $form = $validation_result['form']; |
tlongren
/ find-wp-hacks.php
Last active
April 19, 2016 20:56
Find base64 inside PHP files, may indicate a hack, usually involving WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script by Kris Chase ( kris@mehh.org ) | |
| # http://krischase.com | |
| # Source: http://krischase.com/how-to-find-and-clean-up-infected-wordpress-files-over-ssh/ | |
| # | |
| # Modified by Tyler Longren to include ( tyler@longren.io ) | |
| # https://longren.io | |
| # Neither of us are responsible for any damage that may occur when running this script. | |
| LIST=infectedfiles.txt |