C.A.T Posted October 5, 2016 Share Posted October 5, 2016 Some advice on 3 issues please! Issue 1. {} denotes multiple sub-directories. I need to move multiple files on a remote server from directory /storeage/{} to /download/articles/ and /download/images/ so I share with PHP Easy Downloader V2.0. I've researched at http://www.w3schools.com/php/func_filesystem_move_uploaded_file.asp and also found this script, gist.github.com/baamenabar/f0ee62fd42fed31b60ce What I need it a move.php in /storeage/{} that will scan recursively through the directory and sub-directories and move all *.pdf, *.zip, *.rar, *.doc, files to /download/articles/ What I need it a move.php in /storeage/{} that will scan recursively through the directory and sub-directories and move all *.gif, *.jpg, *.png, *.tif, files to /download/images/ I found this script, https://gist.github.com/baamenabar/f0ee62fd42fed31b60ce and was wondering if it can be modified to my needs? Issue 2. I can't seem to download PHP Easy Downloader V2.0. http://www.ironclad.net/scripts/ Has anyone got this script, or suggest a better one? Issue 3. On the remote server, I found some suspect PHP files, what are they, and what are they doing? 9a79229c_prevv1.php.txt Link to comment Share on other sites More sharing options...
justsomeguy Posted October 5, 2016 Share Posted October 5, 2016 The code you linked to isn't recursive, really the only important line is the one that actually moves/renames the file, so it seems like it would be just as easy to write it from scratch versus starting with that. Your code will be a little bit different based on whether or not you want to preserve the directory structure, and whether you want to copy or move files. The code in those files looks malicious, but I don't really want to spend the time to de-obfuscate it to see exactly what it's doing. It's probably a backdoor, where it does something like accepts an arbitrary command to execute. Link to comment Share on other sites More sharing options...
C.A.T Posted October 6, 2016 Author Share Posted October 6, 2016 The code you linked to isn't recursive, really the only important line is the one that actually moves/renames the file, so it seems like it would be just as easy to write it from scratch versus starting with that. Your code will be a little bit different based on whether or not you want to preserve the directory structure, and whether you want to copy or move files. The code in those files looks malicious, but I don't really want to spend the time to de-obfuscate it to see exactly what it's doing. It's probably a backdoor, where it does something like accepts an arbitrary command to execute. Thank you for the input. I'm looking at other code to write my own, but my php coding is basic for now. https://stackoverflow.com/questions/19139434/php-move-a-file-into-a-different-folder-on-the-server https://stackoverflow.com/questions/2082138/move-all-files-in-a-folder-to-another http://ben.lobaugh.net/blog/864/php-5-recursively-move-or-copy-files https://stackoverflow.com/questions/5707806/recursive-copy-of-directory https://stackoverflow.com/questions/14345714/recursively-moving-all-files-of-a-specific-type-into-a-target-directory-in-bash http://www.aidanlister.com/2004/04/recursively-copying-directories-in-php/ http://board.phpbuilder.com/showthread.php?10392349-PHP-recursive-copy-function-to-copy-files-from-many-source-folders-to-destinations In regards to those suspect php files, thank you for the confirmation. Link to comment Share on other sites More sharing options...
C.A.T Posted October 10, 2016 Author Share Posted October 10, 2016 It is said, Seek and You Shall Find, php - find and copy files to another directory. https://gist.github.com/jycr753/22f2f2c14bffd1da8c77 Works well, and by changing the "copyfiles" it can do what I needed. copyfiles('*.doc', '../download/articles'); copyfiles('*.pdf', '../download/articles'); copyfiles('*.gif', '../download/images'); Link to comment Share on other sites More sharing options...
C.A.T Posted October 11, 2016 Author Share Posted October 11, 2016 (edited) The 'php - find and copy files to another directory' script runs fine on the test server but doesn't copy the files to the desired ./download/articles Would, copyfiles('*.doc', '__FILE__/download/articles'); resolve the issue? Edited October 11, 2016 by C.A.T Link to comment Share on other sites More sharing options...
justsomeguy Posted October 11, 2016 Share Posted October 11, 2016 Don't put a constant inside a string like that, you need to concatenate the constant with the string. You don't want to use the filename of the script though, but you can use __DIR__ to specify the current directory. Link to comment Share on other sites More sharing options...
C.A.T Posted October 20, 2016 Author Share Posted October 20, 2016 Don't put a constant inside a string like that, you need to concatenate the constant with the string. You don't want to use the filename of the script though, but you can use __DIR__ to specify the current directory. Thank you for your input. The modified php script, 'find and copy files to another directory' functioned well, and with the help of filezilla ftp client - all files are now sorted. As for the PHP malware, these helped. https://support.tilaa.com/hc/en-us/articles/228651727-How-can-I-scan-my-server-for-malware-infections- https://www.gavick.com/blog/standalone-security-scanners https://www.webroot.com/blog/2011/02/22/malicious-php-scripts-on-the-rise/ https://github.com/mikestowe/Malicious-Code-Scanner https://github.com/nbs-system/php-malware-finder Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now