There are many of you asked me how to detect Shell when a hacker included in the database? Today I made this guide to answer questions and help you aware more privacy issues.
First we must know how the hacker include in Data then we can find method to thoroughly remove. You should refer articles about menthod include in source VBB and menthod to prevent. I would say more in the vbb, tables can be used to include shell such as: table_plugin and table_template. So how to detect shell when the include in those tables. Do the following:
You go to Phpadmin of host and search keywork "base64" and do by below guide.
Why must I search tag base64 is not that other keywords ?
Because of all current Shell if it is not encrypted, it will be destroy by antivirus. Unless that files are changed to file.txt. Work remaining of you are opening the table suspiciously and check what unusual is in that.
Note:
- For table plugin, you can delete without affect the operation site.
- For table template if you want, you can delete and if you want to reuse this skin, you go to admincp then click revert to vbb automatically edit skin for you.
- You can apply this method to the code such as joomla, new, shop, etc.
- For table template if you want, you can delete and if you want to reuse this skin, you go to admincp then click revert to vbb automatically edit skin for you.
- You can apply this method to the code such as joomla, new, shop, etc.
Translate from Tuewru's post <ceh.vn>
0 comments:
Post a Comment