duai4379 2015-07-28 07:46
浏览 50
已采纳

找到注入恶意代码的工具? [关闭]

I search a tool to find inject malicious code in my PHP files. In each PHP file I had this inject:

eval(gzinflate(base64_decode('pRlrc9u48bM70/+AaBhTjGmJol5WbNpJE+fuZppLqjid6di...

Of course I use the shell to find and replace the inject. But each hour the inject is back. So some PHP file(s) are injected. I've more than 34 websites on this server - each website are injected.

My question now: Has somebody an idea to find the security hole? Maybe a online tool or a script which I can check all PHP files?

Thanks for your help.

  • 写回答

1条回答 默认 最新

  • du9843 2015-07-28 08:00
    关注

    I've used something like: grep -Rl "eval" . and grep -Rl "base64" . it can be a good start.

    Try to search for patterns in the infected files.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 vue使用gojs,需求在link中的虚线上添加方向箭头
  • ¥15 CSS通配符清除内外边距为什么可以覆盖默认样式?
  • ¥15 SPSS分类模型实训题步骤
  • ¥15 求解决扩散模型代码问题
  • ¥15 工创大赛太阳能电动车项目零基础要学什么
  • ¥20 limma多组间分析最终p值只有一个
  • ¥15 nopCommerce开发问题
  • ¥15 torch.multiprocessing.spawn.ProcessExitedException: process 1 terminated with signal SIGKILL
  • ¥15 QuartusⅡ15.0编译项目后,output_files中的.jdi、.sld、.sof不更新怎么解决
  • ¥15 pycharm输出和导师的一样,但是标红