-
Drupal Exploits – script to detect versions
We are currently seeing a high volume of Drupal exploits running a lot of arbitrary code, including crypto mining, attacking other servers and similar due to this exploit https://www.drupal.org/sa-core-2018-002 If you want to find out if you have any vulnerable Drupal installs quickly and easily i wrote a shell script for that . Just run…
-
Finding Exploits and Trojan php hacks on a website
Its always unfortunate when you are exploited, and the best method to fix a site is to wipe and restore from a known backup as well as track down the entry point they gained access and fix it. Sometimes you need to ‘clean’ a site of these files before migrating things over however , or…
-
WordPress mass update script 3.4
This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…
-
WordPress mass update script 3.1.3
This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…
-
Adding timestamps to your bash history
Often we’ve had boxes compromised, or commands run that we have no idea who did it and at what time. Its very frustrating, especially when we have no idea if a customer did it, one of the staff, or if a box was compromised. Glenn found this little snippet which is now default in all…