欢迎光临
我们一直在努力

Linux查webshell

在网站目录差找如下关键字:


grep -Rn "shell_exec *(" /var/www
grep -Rn "base64_decode *(" /var/www
grep -Rn "phpinfo *(" /var/www
grep -Rn "system *(" /var/www
grep -Rn "php_uname *(" /var/www
grep -Rn "chmod *(" /var/www
grep -Rn "fopen *(" /var/www
grep -Rn "fclose *(" /var/www
grep -Rn "readfile *(" /var/www
grep -Rn "edoced_46esab *(" /var/www
grep -Rn "eval *(" /var/www
grep -Rn "pwd" /var/www
grep -Rn "pass" /var/www
grep -Rn "pw" /var/www
grep -Rn 密码" /var/www

find:


find /www/ -name "*.php" |xargs egrep 'assert|phpspy|c99sh|milw0rm|eval|/(gunerpress|/(base64_decoolcode|spider_bc|shell_exec|passthru|/(/$/_/POST/[|eval /(str_rot13|/.chr/(|/$/{/"/_P|eval/(/$/_R|file_put_contents/(/./*/$/_|base64_decode'
未经允许不得转载:杂术馆 » Linux查webshell
分享到: 更多 (0)