Skip to main content

Use Linux terminal to check for infected web files

If you own or have created a joomla or cms in general website, then you know that it is vulnerable to attacks of all kinds. One of those is code injection to your files so that more code is executed without permission when a page loads.


When an HTML page loads that has no javascript or script ( php e.t.c. ) upon it, then its clear what happens. In this case, only an iframe can load malicious code on the webpage that would infect the visitor. But then a cms loads, a lot of plugins, javascript files and more are loaded together to render the page and the content. In most of those cases, its really hard to check each and every file for malicious code, both because there are thousands of files and also because you need to be more than an expert in coding to find out the flow and the structure of the system.

You will find a lot of sites and forums explaining this problem, we dealt with something like this some time ago and here is the solution we propose. You will need Linux though for this, but maybe its best for you also.

Use the following command to find the files that contain stuff you don't like :

find . -type f -iname '*.*' -exec grep -l -i "XXXXX" {} \;

In XXXXX's place you can search for : 


in.cgi 

iframe
base64
cgi
http:// ( but only inside images, a lot of cms files have http:// inside them )

Then go through each file and clean up the code that looks malicious. 



Enhanced by Zemanta

Popular posts from this blog

Enable AMD's Radeon Chill feature for all games.

Since 2014 AMD has been following the tradition of releasing new performance and usability features in their December driver, and 2016 was no exception. Among the myriad of new features and enhancements, was also one that passed almost unnoticed, called Radeon Chill.

Stemming from AMD's acquisition of HiAlgo earlier in 2016, it offers the possibility of huge power and thermal savings while gaming, by monitoring screen movement and adjusting the frame rate accordingly. There is even the claim that it could also reduce response times since the GPU is not occupied with rendering as often.

Its only issue: it's not global, and it's based on a white list of applications to function. But fear not, for we are here. Using a trick as old as operating systems themselves, you can try to make it work with every title. Let's see how to do that.
Step One: Activate Radeon Chill. Doing that is fairly easy. Right click on your desktop and select "Radeon Settings":

Then naviga…

Your first post in your Facebook Page, some simple tips

Many new pages are created on Facebook every day by brands that need to use the network for wither exposure or marketing or both. There are many small businesses that want to use Facebook and need to know about some initial tips to get started with their facebook page.

Facebook page management is no rocket science, but it can lead your brand to either a successful presence or nothing at all, if you don't pay attention to some details. You have to start with the basics. Your every-day process with your page is your posts, information you share on your page and your fans will see. First take a note that not all of your fans will see your post. Let's say you have 1000 fans, only about 10-15% of your fans are expected to actually see that post. What's important here is to make your post appealing so whoever sees it, will be able to engage with it, thus either comment, share or like it.

Take a look at our video for those tips :



Every time a Facebook user likes, share or commen…

[UPDATE] How to move your wordpress site and mysql database from local XAMPP to the web server

Most web developers follow the way of "first local, then on the server" for their website's early development or setup stages in order to gain either speed or freedom in installing pluging and extensions due to servers' permissions for files and folders.

A small problem comes around when you need to move your site from your local environment ( commonly XAMPP ) to your webserver so your website can go "live". This article will let you know the steps you need to follow when it comes to Wordpress and moving if from local to yuor server.

Before we start, you will need to : 1. have the url, username and password of your hosting environment's management panel ( cPanel or Plesk e.t.c. ) and log into it.
2. in your hosting panel, you need to add FTP access to your site, you will need to jot down the IP or domain name ( depending on DNS ), a username and a password
3. you will need to go into your hosting's database management via your management panel, cre…