I always wonder why people make viruses, is it true it’s very exciting to just got a little compliment from their friend? … disgusting! I’d rather had a one night walk with someone I loved to get the same dopamine runs through my veins. Is it true it’s so very briliant to create the destructive worms just to prove you’re the only one of master of sience in computer knowledge ? … yaaaiikkss! I think I’m gonna throw up. I just think, maybe it’s better to register to CPAN developer community or contributing creating kernel patch rather than that.
Is it true that creating malwares was the only way to bait the fish? …. bwahahaha, it always difficult to talk with someone not well educated.
But who am I to judge people ? … “Verily I say unto you, they have received their reward”. Someone gonna reap the whirlwind.
But who am I to judge people ? … “Verily I say unto you, they have received their reward”. Someone gonna reap the whirlwind.
This week one of my server was attacked by gum*lar.cn and mar*uz.cn worms that almost knocked down all the webserver runs there. Users cannot access it because they were blocked by google safebrowsing regardless they were reported as attack site. The worms itself just a simple script that are inserted within php, js or html scripts, and have the ability to do one two things like “calling their home” and replicate them self to another files on the server. Basicaly this is just a stupid worms that crawl here and there just to feed their gumby ass, the only part I concern is how the hell they steal the ftp user and password to upload the index.php and image.php ?
Open the infected php or js or html script to find and get the specific string to search for, then I made a simple bash script to detect the specific string within all php, js and html files on the server.
There are 2 part of this bash script, the first one is the scan part which compare all the files in a specific folder with a specific strings, and the second part is the healer / cleaner part which take the responsibility to erase the evil code. Here is the script you can download :
There are 2 part of this bash script, the first one is the scan part which compare all the files in a specific folder with a specific strings, and the second part is the healer / cleaner part which take the responsibility to erase the evil code. Here is the script you can download :
Cleaner
Yes, I know, it should be a little difficult to use this script if you were not the administrator and don’t have ssh access or permission access to the hosting domain, but that’s another story.
