10-30-2011, 11:20 PM
ifapdb
No quick way really, but if you have a bunch of PHP exploits, it's probably best to start over and move files over in batches, making sure permissions are correct.

Check any user-uploadable files to see if they are really what they're supposed to be: JPG, GIF, PNG, etc. An exploitable .htaccess can make those files executable.

Grep for common PHP exploit methods (exec/system/decode/chmod/mkdir/etc.).

You should then "train" ClamAV for any of the patterns you find for future scans.

All assuming they came in through bad scripts; if it's via shell/FTP, all bets are off.
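Added example, not part of the original post: a triage script for an upload directory that combines the checks described above (extension versus magic bytes, PHP inside "image" files, the grep list of calls, and an .htaccess that sets a handler). The names `scan_uploads` and `build_sample` are hypothetical, "decode" is read as `base64_decode` as an assumption, and the sample files are constructed.

```python
import os
import re
import tempfile

# Leading bytes a genuine image of each extension must start with.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",), ".gif": (b"GIF87a", b"GIF89a"),
}
PHP_TAG = re.compile(rb"<\?php", re.I)
# The post's grep list; "decode" is read as base64_decode (assumption).
CALLS = re.compile(rb"\b(exec|system|base64_decode|chmod|mkdir)\s*\(", re.I)
# Apache directives that can map extra extensions to a script handler.
HANDLER = re.compile(rb"^\s*(AddType|AddHandler|SetHandler)\b", re.I | re.M)

def scan_uploads(root):
    """Walk an upload tree and return sorted (relative_path, reason) pairs."""
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            rel, ext = os.path.relpath(path, root), os.path.splitext(name)[1].lower()
            with open(path, "rb") as fh:
                data = fh.read()
            if name == ".htaccess" and HANDLER.search(data):
                findings.append((rel, "htaccess sets a handler"))
            if ext in MAGIC and not data.startswith(MAGIC[ext]):
                findings.append((rel, "not a real image"))
            if PHP_TAG.search(data):  # also catches PHP appended to a valid image
                calls = sorted({m.group(1).lower().decode() for m in CALLS.finditer(data)})
                findings.append((rel, "contains PHP; calls: " + ",".join(calls)))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree (not real data) exercising each check."""
    samples = {
        "ok.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "avatar.jpg": b'<?php echo base64_decode("aGk="); chmod("x", 0644); ?>',
        "banner.gif": b"GIF89a" + b"\x00" * 16 + b'<?php mkdir("tmp"); ?>',
        ".htaccess": b"AddHandler application/x-httpd-php .jpg\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*scan_uploads(tmp), sep="\n")
```

The `banner.gif` case passes the magic-byte check and is only caught by the PHP tag search, which is why both checks run on every file.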