× Post Fix is a great tool that comes usually bundled with vps servers and handles the mailboxes.

Track SPAM infected scripts - Ways To Troubleshoot with CWP7

Περισσότερα
11 Μήνες 3 Εβδομάδες πριν - 11 Μήνες 3 Εβδομάδες πριν #293 από infogate
All this tools can help you to track spam and infected scripts but experienced admin assistance is always needed.
Check this for tracking setup by using headers Using maldet (Malware scanner)Update Maldet
maldet -u

 Scan public_html folder of infected user account
maldet -a /home/USERNAME/public_html
Using ClamAV (Clam Antivirus)
clamscan -r /home/USERNAME/public_html | grep FOUND
If you have noticed that spamming started today then you can search files modified in eg. last two days
find /home/USERNAME/public_html -ctime -2 -name "*.php"
Injected encoded upload code
Mostly hackers inject encoded part of php code in your website files so that they could always spam from your account/server.
Check for encoded part of code mostly added as a first line in each file

 
grep -nr strtoupper /home/USERNAME/public_html |grep eval
or
for i in `find /home/USERNAME/public_html/ -name "*.php"`;do head -n 1 $i|grep "eval" && echo $i;done
Get only filenames
grep -nr strtoupper /home/USERNAME/public_html|grep eval|awk -F: {'print $1'}
Don't forget that you can also check apache logs in folder
/usr/local/apache/logs/How to remove hackers symlink files
find /home/USERNAME/public_html -name "*.php" -type l -exec unlink {} \;

Find all files modified between 2015-12-19 - 2015-12-20
find . -name "*.php" -newermt 2015-12-19 ! -newermt 2015-12-20 -type f
Other useful scripts for spam tracking
find . -type f -name '*.php' -print | xargs grep -i x29
find . -type f -name '*.php' -print | xargs grep -i x29|awk -F: {'print $1'}
find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'
find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'|awk -F: {'print $1'}

PHP Mail Log (sent from php scripts)
/usr/local/apache/logs/phpmail.log


The best possible way to start your online marketing : fspirits.com/go/leadsleap-home
Explode Your Web Site Traffice: fspirits.com/go/sparktraffic
Start your affiliate journey here: fspirits.com/go/olsp-academy
Best Solution To Create Videos: fspirits.com/go/create-studio-pro
Best Solution To Create Graphics: fspirits.com/go/clickdesigns
Smart Chat Automation: fspirits.com/go/chatterpal
Multi-Purpose Video Maker: fspirits.com/go/avatar-builder
Multi-Purpose Video Creator: fspirits.com/go/video-creator
AI Human Spokesperson Videos: fspirits.com/go/humanpal

Last edit: 11 Μήνες 3 Εβδομάδες πριν by infogate.

Παρακαλούμε Σύνδεση ή Δημιουργία λογαριασμού για να συμμετάσχετε στη συζήτηση.

Χρόνος δημιουργίας σελίδας: 0.159 δευτερόλεπτα
Powered by Kunena Φόρουμ