× Post Fix is a great tool that comes usually bundled with vps servers and handles the mailboxes.

Track SPAM infected scripts - Ways To Troubleshoot with CWP7

Έναρξη
Προηγούμενο
1
Επόμενο
Τέλος

infogate
Συντάκτης θέματος
Αποσυνδεμένος
Administrator
Imagination is the beginning of creation

Περισσότερα

3 Μήνες 4 Εβδομάδες πριν - 3 Μήνες 4 Εβδομάδες πριν #293 από infogate

Track SPAM infected scripts - Ways To Troubleshoot with CWP7 δημιουργήθηκε από infogate

All this tools can help you to track spam and infected scripts but experienced admin assistance is always needed.
Check this for tracking setup by using headers Using maldet (Malware scanner)Update Maldet

maldet -u

Scan public_html folder of infected user account

maldet -a /home/USERNAME/public_html

Using ClamAV (Clam Antivirus)

clamscan -r /home/USERNAME/public_html | grep FOUND

If you have noticed that spamming started today then you can search files modified in eg. last two days

find /home/USERNAME/public_html -ctime -2 -name "*.php"

Injected encoded upload code
Mostly hackers inject encoded part of php code in your website files so that they could always spam from your account/server.
Check for encoded part of code mostly added as a first line in each file

grep -nr strtoupper /home/USERNAME/public_html |grep eval

for i in `find /home/USERNAME/public_html/ -name "*.php"`;do head -n 1 $i|grep "eval" && echo $i;done

Get only filenames

grep -nr strtoupper /home/USERNAME/public_html|grep eval|awk -F: {'print $1'}

Don't forget that you can also check apache logs in folder
/usr/local/apache/logs/How to remove hackers symlink files

find /home/USERNAME/public_html -name "*.php" -type l -exec unlink {} \;

Find all files modified between 2015-12-19 - 2015-12-20

find . -name "*.php" -newermt 2015-12-19 ! -newermt 2015-12-20 -type f

Other useful scripts for spam tracking

find . -type f -name '*.php' -print | xargs grep -i x29

find . -type f -name '*.php' -print | xargs grep -i x29|awk -F: {'print $1'}

find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'

find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'|awk -F: {'print $1'}

PHP Mail Log (sent from php scripts)

/usr/local/apache/logs/phpmail.log

The best possible way to start your online marketing : fspirits.com/go/leadsleap-home
Explode Your Web Site Traffice: fspirits.com/go/sparktraffic
Start your affiliate journey here: fspirits.com/go/olsp-academy
Best Solution To Create Videos: fspirits.com/go/create-studio-pro
Best Solution To Create Graphics: fspirits.com/go/clickdesigns
Smart Chat Automation: fspirits.com/go/chatterpal
Multi-Purpose Video Maker: fspirits.com/go/avatar-builder
Multi-Purpose Video Creator: fspirits.com/go/video-creator
AI Human Spokesperson Videos: fspirits.com/go/humanpal

Last edit: 3 Μήνες 4 Εβδομάδες πριν by infogate.

Παρακαλούμε Σύνδεση ή Δημιουργία λογαριασμού για να συμμετάσχετε στη συζήτηση.

Έναρξη
Προηγούμενο
1
Επόμενο
Τέλος

Χρόνος δημιουργίας σελίδας: 0.125 δευτερόλεπτα