/
/
home
/
u523034047
/
domains
/
gmcrudrapur.com
/
public_html
Server: in-mum-web1112.main-hosting.eu (62.72.28.111)
You: 216.73.216.4
PHP 8.3.16
Dir:
/home/u523034047/domains/gmcrudrapur.com/public_html
Edit:
/home/u523034047/domains/gmcrudrapur.com/public_html/scanner.php
<?php $directory = __DIR__; // Scan from current directory $logFile = __DIR__ . '/infected_files.log'; $deletedCount = 0; // Suspicious PHP patterns $suspicious_patterns = [ 'eval\(', 'base64_decode\(', 'gzinflate\(', 'str_rot13\(', 'system\(', 'shell_exec\(', 'assert\(', 'preg_replace\(.*/e', 'exec\(', 'passthru\(', 'popen\(', 'proc_open\(', 'curl_exec\(', 'file_get_contents\("php://input"\)', ]; $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory)); file_put_contents($logFile, "---- Malware Scan Results ----\n\n"); foreach ($iterator as $file) { if ($file->isFile() && strtolower($file->getExtension()) === 'php') { $content = file_get_contents($file->getPathname()); foreach ($suspicious_patterns as $pattern) { if (preg_match("/$pattern/i", $content)) { $log = "⚠️ Infected: " . $file->getPathname() . " | Pattern: $pattern\n"; echo $log; file_put_contents($logFile, $log, FILE_APPEND); // Delete the infected file if (unlink($file->getPathname())) { $deletedCount++; file_put_contents($logFile, "Deleted: {$file->getPathname()}\n", FILE_APPEND); } else { file_put_contents($logFile, "Failed to delete: {$file->getPathname()}\n", FILE_APPEND); } break; // Stop after finding the first suspicious pattern } } } } echo "\n✅ Scan completed. Total infected files deleted: {$deletedCount}.\nCheck infected_files.log for details.\n"; ?>
Ukuran: 1.7 KB