Locked PHP-Shell-Detector

[sQuo]

This is the hidden content, please

• Sign In
• or
• Sign Up

 

 

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and friendly interface.

 

 

 

Usage

 

To activate Web Shell Detector:

 

1) Upload shelldetect.php and shelldetect.db to your root directory

 

2) Open shelldetect.php file in your browser

 

Example:

This is the hidden content, please

• Sign In
• or
• Sign Up

 

3) Inspect all strange files, if some of files look suspicious, send them to

This is the hidden content, please

• Sign In
• or
• Sign Up

team. After submitting your file, it will be inspected and if there are any threats, it will be inserted into a “web shell detector” web shells signature database.

 

4) If any web shells found and identified use your ftp/ssh client to remove it from your web server (IMPORTANT: please be carefull because some of shells may be integrated into system files!).

 

Demo

This is the hidden content, please

• Sign In
• or
• Sign Up

 

 

Options

 

extension - extensions that should be scanned

showlinenumbers - show line number where suspicious function used

dateformat - used with access time & modified time

langauge - if I want to use other language

directory - scan specific directory

task - perform different task

report_format - used with is_cron(true) file format for report file

is_cron - if true run like a cron(no output)

filelimit - maximum files to scan (more then 30000 you should scan specific directory)

useget - activate _GET variable for easy way to recive tasks

authentication - protect script with user & password in case to disable simply set to NULL

remotefingerprint - get shells signatures db by remote

 

 

This is the hidden content, please

• Sign In
• or
• Sign Up