Jump to content

Some advice please!


C.A.T

Recommended Posts

Some advice on 3 issues please!

 

Issue 1. {} denotes multiple sub-directories.

 

I need to move multiple files on a remote server from directory /storeage/{} to /download/articles/ and /download/images/ so I share with PHP Easy Downloader V2.0.

 

I've researched at http://www.w3schools.com/php/func_filesystem_move_uploaded_file.asp and also found this script, gist.github.com/baamenabar/f0ee62fd42fed31b60ce

 

What I need it a move.php in /storeage/{} that will scan recursively through the directory and sub-directories and move all *.pdf, *.zip, *.rar, *.doc, files to /download/articles/

 

What I need it a move.php in /storeage/{} that will scan recursively through the directory and sub-directories and move all *.gif, *.jpg, *.png, *.tif, files to /download/images/

 

I found this script, https://gist.github.com/baamenabar/f0ee62fd42fed31b60ce and was wondering if it can be modified to my needs?

 

Issue 2. I can't seem to download PHP Easy Downloader V2.0. http://www.ironclad.net/scripts/ Has anyone got this script, or suggest a better one?

 

Issue 3. On the remote server, I found some suspect PHP files, what are they, and what are they doing?

9a79229c_prevv1.php.txt

Link to comment
Share on other sites

The code you linked to isn't recursive, really the only important line is the one that actually moves/renames the file, so it seems like it would be just as easy to write it from scratch versus starting with that. Your code will be a little bit different based on whether or not you want to preserve the directory structure, and whether you want to copy or move files.

 

The code in those files looks malicious, but I don't really want to spend the time to de-obfuscate it to see exactly what it's doing. It's probably a backdoor, where it does something like accepts an arbitrary command to execute.

Link to comment
Share on other sites

The code you linked to isn't recursive, really the only important line is the one that actually moves/renames the file, so it seems like it would be just as easy to write it from scratch versus starting with that. Your code will be a little bit different based on whether or not you want to preserve the directory structure, and whether you want to copy or move files.

 

The code in those files looks malicious, but I don't really want to spend the time to de-obfuscate it to see exactly what it's doing. It's probably a backdoor, where it does something like accepts an arbitrary command to execute.

Thank you for the input. I'm looking at other code to write my own, but my php coding is basic for now.

 

https://stackoverflow.com/questions/19139434/php-move-a-file-into-a-different-folder-on-the-server

https://stackoverflow.com/questions/2082138/move-all-files-in-a-folder-to-another

http://ben.lobaugh.net/blog/864/php-5-recursively-move-or-copy-files

https://stackoverflow.com/questions/5707806/recursive-copy-of-directory

https://stackoverflow.com/questions/14345714/recursively-moving-all-files-of-a-specific-type-into-a-target-directory-in-bash

http://www.aidanlister.com/2004/04/recursively-copying-directories-in-php/

http://board.phpbuilder.com/showthread.php?10392349-PHP-recursive-copy-function-to-copy-files-from-many-source-folders-to-destinations

 

In regards to those suspect php files, thank you for the confirmation.

Link to comment
Share on other sites

It is said, Seek and You Shall Find,

 

php - find and copy files to another directory. https://gist.github.com/jycr753/22f2f2c14bffd1da8c77

 

Works well, and by changing the "copyfiles" it can do what I needed.

 

copyfiles('*.doc', '../download/articles');

copyfiles('*.pdf', '../download/articles');

copyfiles('*.gif', '../download/images');

Link to comment
Share on other sites

The 'php - find and copy files to another directory' script runs fine on the test server but doesn't copy the files to the desired ./download/articles

 

Would, copyfiles('*.doc', '__FILE__/download/articles'); resolve the issue?

Edited by C.A.T
Link to comment
Share on other sites

  • 2 weeks later...

Don't put a constant inside a string like that, you need to concatenate the constant with the string. You don't want to use the filename of the script though, but you can use __DIR__ to specify the current directory.

Thank you for your input. The modified php script, 'find and copy files to another directory' functioned well, and with the help of filezilla ftp client - all files are now sorted.

 

As for the PHP malware, these helped.

 

https://support.tilaa.com/hc/en-us/articles/228651727-How-can-I-scan-my-server-for-malware-infections-

https://www.gavick.com/blog/standalone-security-scanners

https://www.webroot.com/blog/2011/02/22/malicious-php-scripts-on-the-rise/

https://github.com/mikestowe/Malicious-Code-Scanner

https://github.com/nbs-system/php-malware-finder

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...