1. Forum
  3. Main Forum
  5. English Section
  7. Post Fix
  9. Track SPAM infected scripts - Ways To Troubleshoot with CWP7
× Post Fix is a great tool that comes usually bundled with vps servers and handles the mailboxes.

Track SPAM infected scripts - Ways To Troubleshoot with CWP7

Περισσότερα
10 Μήνες 3 Εβδομάδες πριν - 10 Μήνες 3 Εβδομάδες πριν #293 από infogate
Track SPAM infected scripts - Ways To Troubleshoot with CWP7 δημιουργήθηκε από infogate
All this tools can help you to track spam and infected scripts but experienced admin assistance is always needed.
Check this for tracking setup by using headers Using maldet (Malware scanner)Update Maldet
maldet -u

 Scan public_html folder of infected user account
maldet -a /home/USERNAME/public_html
Using ClamAV (Clam Antivirus)
clamscan -r /home/USERNAME/public_html | grep FOUND
If you have noticed that spamming started today then you can search files modified in eg. last two days
find /home/USERNAME/public_html -ctime -2 -name "*.php"
Injected encoded upload code
Mostly hackers inject encoded part of php code in your website files so that they could always spam from your account/server.
Check for encoded part of code mostly added as a first line in each file

 
grep -nr strtoupper /home/USERNAME/public_html |grep eval
or
for i in `find /home/USERNAME/public_html/ -name "*.php"`;do head -n 1 $i|grep "eval" && echo $i;done
Get only filenames
grep -nr strtoupper /home/USERNAME/public_html|grep eval|awk -F: {'print $1'}
Don't forget that you can also check apache logs in folder
/usr/local/apache/logs/How to remove hackers symlink files
find /home/USERNAME/public_html -name "*.php" -type l -exec unlink {} \;

Find all files modified between 2015-12-19 - 2015-12-20
find . -name "*.php" -newermt 2015-12-19 ! -newermt 2015-12-20 -type f
Other useful scripts for spam tracking
find . -type f -name '*.php' -print | xargs grep -i x29
find . -type f -name '*.php' -print | xargs grep -i x29|awk -F: {'print $1'}
find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'
find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'|awk -F: {'print $1'}


PHP Mail Log (sent from php scripts)


/usr/local/apache/logs/phpmail.log
			


							

					

					

The best possible way to start your online marketing : fspirits.com/go/leadsleap-home

Explode Your Web Site Traffice: fspirits.com/go/sparktraffic

Start your affiliate journey here: fspirits.com/go/olsp-academy

Best Solution To Create Videos: fspirits.com/go/create-studio-pro

Best Solution To Create Graphics: fspirits.com/go/clickdesigns

Smart Chat Automation: fspirits.com/go/chatterpal

Multi-Purpose Video Maker: fspirits.com/go/avatar-builder

Multi-Purpose Video Creator: fspirits.com/go/video-creator

AI Human Spokesperson Videos: fspirits.com/go/humanpal




				

					

	



	

		Last edit: 10 Μήνες 3 Εβδομάδες πριν  by infogate.			


			
Παρακαλούμε Σύνδεση  ή Δημιουργία λογαριασμού για να συμμετάσχετε στη συζήτηση.



	
		

			 		

													

	





			

						



	

		

	



	

		



	


	

		


	
	

	
			
	
	
	
	

		
		
	



	


	


	

	

		

			
					

	




	


	
	
	



	


	



	
    
		
  1. 
						Forum
			
		
    2. 

					
    3. 
			
  3. 
				Main Forum
				
			
    4. 
					
    5. 
			
  5. 
				English Section
				
			
    6. 
					
    7. 
			
  7. 
				Post Fix
				
			
    8. 
					
    9. 
			
  9. 
				Track SPAM infected scripts - Ways To Troubleshoot with CWP7
				
			
    10. 
		
	


	

	


	

		Χρόνος δημιουργίας σελίδας: 0.030 δευτερόλεπτα	




Powered by Kunena Φόρουμ