1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

malware detect

Discussion in 'BlackHat Lounge' started by julianberg, Feb 8, 2016.

  1. julianberg

    julianberg Regular Member

    Joined:
    Mar 27, 2009
    Messages:
    380
    Likes Received:
    58
    Hi all,
    One of my hosting on hostgator got hacked with some malware.
    I have a couple of sites there, and hostgator are so annoying, they dont help at all.

    So I wanted to download all the files to my PC and remove the malware.
    Is there any software to run on PC to scan php and js files? or any text-scanner to use with specific search terms?
    or any PHP software?

    I'm only familiar with maldet that needs linux...
    Thanks.
     
  2. julianberg

    julianberg Regular Member

    Joined:
    Mar 27, 2009
    Messages:
    380
    Likes Received:
    58
    help??
    if you can tell me what strings to search for I'll write a scanner in PHP and scan my files...
     
  3. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    11,454
    Likes Received:
    32,379
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
  4. julianberg

    julianberg Regular Member

    Joined:
    Mar 27, 2009
    Messages:
    380
    Likes Received:
    58
    thanks, Sucuri is showing me the infected javascripts
    but what I'm looking if for the cause of it.
    If i delete the infected files they get re-infected after a few hours.
    I need some php scanner (and maybe something to scan my database) for malicious code.
     
  5. artificialtraffic

    artificialtraffic Registered Member

    Joined:
    Feb 17, 2015
    Messages:
    57
    Likes Received:
    9
    Because you have your computer infected with malware stealing your FTP credentials.
    You probably use Filezilla, Total commander FTP or some other FTP client which store credentials as plain text.

    You must clean your computer and you must use master password for stored FTP credentials encryption to prevent this from happening again.