|
一句话查找 PHP 木马7 s$ ?, @4 T0 B, _+ B
5 S0 `- z: V$ P4 f5 F- v1 |
find ./ -name "*.php" |xargs egrep "phpspy|c99sh|milw0rm|eval_r(gunerpress|eval_r(base64_decoolcode|spider_bc"> /tmp/php.txt
% E/ d" i/ [5 G8 h grep -r --include=*.php '[^a-z]eval_r($_POST' . > /tmp/eval.txt
; T2 h$ A4 x ?2 }$ h$ {! [ grep -r --include=*.php 'file_put_contents(.*$_POST[.*]);' . > /tmp/file_put_contents.txt! k D0 v) Y" s: ?. x3 z9 D
find ./ -name "*.php" -type f -print0 | xargs -0 egrep "(phpspy|c99sh|milw0rm|eval_r(gzuncompress(base64_decoolcode|eval_r(base64_decoolcode|spider_bc|gzinflate)" | awk -F: '{print $1}' | sort | uniq) Q1 u) ?9 Q* l7 o) m- f
查找最近一天被修改的 PHP 文件
9 y5 G+ i% C, |" y0 h: N5 m9 Ofind -mtime -1 -type f -name *.php! ~9 m% j/ o& Q4 P% V
修改网站的权限
8 j3 e% O+ T5 N! l/ g 2 w4 H J+ d2 B' v! ?7 T9 U- k# c
find -type f -name *.php -exec chmod 444 {} ;# l! f0 `3 C9 B" {7 i. C S
find ./ -type d -exec chmod 555{} ; |