在网站目录差找如下关键字:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | grep -Rn "shell_exec *(" /var/www
grep -Rn "base64_decode *(" /var/www
grep -Rn "phpinfo *(" /var/www
grep -Rn "system *(" /var/www
grep -Rn "php_uname *(" /var/www
grep -Rn "chmod *(" /var/www
grep -Rn "fopen *(" /var/www
grep -Rn "fclose *(" /var/www
grep -Rn "readfile *(" /var/www
grep -Rn "edoced_46esab *(" /var/www
grep -Rn "eval *(" /var/www
grep -Rn "pwd" /var/www
grep -Rn "pass" /var/www
grep -Rn "pw" /var/www
grep -Rn 密码" /var/www
|
find:
1 | find /www/ -name "*.php" |xargs egrep 'assert|phpspy|c99sh|milw0rm|eval|\(gunerpre |
文章出处:Evi1cg's blog
原文链接:
https://evi1cg.me/archives/Webshell_find.html
文章来源: http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650459327&idx=3&sn=bc48edba3b2feec8b9b0d60aacf8526b&chksm=83bba95bb4cc204d33213498f5e14f7633d896e010276873e18c8a58b6e271ec7343ddcfddd2#rd
如有侵权请联系:admin#unsafe.sh