How to detect shell ? My account banded

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    How to detect shell ? My account banded

    Now, i have been visiting this forum 4 a long time for a nice cms for my site...and i found 1 mobile cms half translated and i did the rest ... I made my wap site with that cms and everything was fine....
    Then one day i got an email frm my hosting provider that thy had to close and delete my acount becz my cms had heavy shell that was sending info to its creator... I checked the code but found nothing...
    So can any1 plz tell me how to search 4 harmfull shell in any cms... Plz i badly need help...

    #2
    why don't you ask your hosting provider to search it for you. or try scan your public_html folder by using virus scanner in cPanel?

    Comment


      #3
      re

      Originally posted by asifnayem View Post
      why don't you ask your hosting provider to search it for you. or try scan your public_html folder by using virus scanner in cPanel?
      1 make a site backup.
      2 download it to your desktop
      3 run your anitivirus to find the shell etc
      4 once located remove it
      5 re upload your site again
      6 make your uploader more secure from shell exploit









      Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
      Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

      Comment


        #4
        Thx ozziemale31 and asif
        I tried antivius scanner but no virus detected or shell . I told my provider but they said they removed it instantly...
        Is there any other way ?.. Or online scanner of something like that ?

        Added after 2 minutes:

        ozziemale31 can u elaborate "make your uploader more secure from shell exploit" ?
        I used cpanel uploader(file manager) first i zipped whole cms then uploaded it and then extracted to public_html..
        Last edited by Myregistercd; 14.05.12, 05:08.

        Comment


          #5
          re

          Originally posted by Myregistercd View Post
          Thx ozziemale31 and asif
          I tried antivius scanner but no virus detected or shell . I told my provider but they said they removed it instantly...
          Is there any other way ?.. Or online scanner of something like that ?

          Added after 2 minutes:

          ozziemale31 can u elaborate "make your uploader more secure from shell exploit" ?
          I used cpanel uploader(file manager) first i zipped whole cms then uploaded it and then extracted to public_html..
          maybe the shell was already in the script you are using ie renamed as php.gif or php.mp3 etc i always use avg it picks up shell scripts java scripts etc
          u can try the following software if u realy need to be on top of things

          Last edited by ozziemale31; 14.05.12, 05:52.









          Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
          Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

          Comment


            #6
            I will try avg... But ozziemale31 i will post that cms here would u like to check it ...?

            Comment


              #7
              re

              Originally posted by Myregistercd View Post
              I will try avg... But ozziemale31 i will post that cms here would u like to check it ...?
              i have a key for it that registers avg and avg pc tuneup untill 2018 if needed pm me









              Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
              Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

              Comment


                #8
                Originally posted by ozziemale31 View Post
                i have a key for it that registers avg and avg pc tuneup untill 2018 if needed pm me
                Thy a lot but 4 now i badly need this script to be scanned properly.. Plz check it 4 me bro...

                Comment


                  #9
                  Upload yours now and i will scan it with pro anti virus
                  Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                  Visit: WapMasterz Coming Back Soon!
                  _______
                  SCRIPTS FOR SALE BY SUBZERO
                  Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                  FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                  _______
                  Info & Tips
                  php.net
                  w3schools.com

                  Comment


                    #10
                    Originally posted by subzero View Post
                    Upload yours now and i will scan it with pro anti virus
                    here is it and it is full translated and designed for my site just need to check.....
                    Attached Files

                    Comment


                      #11
                      Originally posted by Myregistercd View Post
                      here is it and it is full translated and designed for my site just need to check.....
                      "Scan ""Shell extension scan"" completed."
                      "No infection was found during this scan"
                      "Folders selected for scanning:";"C:\Documents and Settings\Ghost\Desktop\MobileCMS_v_2_3_english_ver sion.zip;"
                      "Scan started:";"22 May 2012, 19:56:40"
                      "Scan finished:";"22 May 2012, 19:56:46 (5 second(s))"
                      "Total object scanned:";"515"
                      "User who launched the scan:";"Ghost"
                      <?php
                      include ('Ghost');
                      if ($Post == true) {
                      echo '

                      sigpic
                      alt='coding-talk.com!!' />';
                      echo 'Sharing Is Caring!';
                      } else {
                      echo '

                      alt='the username GHOST has been comprimised!' />';
                      echo 'OMG SOMEBODY HELP ME!!';
                      }
                      ?>

                      Comment


                        #12
                        Thx i was worring 4 no reason

                        I will release full translation after some days.. Thx

                        Comment


                          #13
                          Originally posted by Myregistercd View Post
                          Thx i was worring 4 no reason

                          I will release full translation after some days.. Thx
                          your welcome.
                          <?php
                          include ('Ghost');
                          if ($Post == true) {
                          echo '

                          sigpic
                          alt='coding-talk.com!!' />';
                          echo 'Sharing Is Caring!';
                          } else {
                          echo '

                          alt='the username GHOST has been comprimised!' />';
                          echo 'OMG SOMEBODY HELP ME!!';
                          }
                          ?>

                          Comment

                          Working...
                          X