Script to detect malicious code

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Post Reply
danjde
Joomla! Intern
Joomla! Intern
Posts: 57
Joined: Mon Dec 28, 2009 1:48 pm

Script to detect malicious code

Post by danjde » Fri Mar 02, 2018 5:51 pm

Hi Friends,
using a Linux VPS are there any scripts to run periodically (maybe via cron) to analyse Apache directories for malicious php code?

I've been seen this but is not for Linux shell: https://github.com/btoplak/Joomla-Anti- ... pt--JAMSS-

Many thanks!

Davide
http://www.cosmogonia.org - cosmogoniA
n o p r o v a r e n o f a r e o n o n f a r e n o n c e p r o v a r e

User avatar
effrit
Joomla! Guru
Joomla! Guru
Posts: 626
Joined: Sun Nov 12, 2017 2:21 pm
Location: middle of Russia
Contact:

Re: Script to detect malicious code

Post by effrit » Fri Mar 02, 2018 5:57 pm

hi.
we use https://revisium.com/aibo/
but for finding code on infected sites. not sure if it suitable for your task.

pauloray
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Mon Jan 13, 2014 7:57 pm
Contact:

Re: Script to detect malicious code

Post by pauloray » Fri Mar 02, 2018 8:45 pm

We use CPanel with ClamAV on our VPS and it helps in detected infected scripts.

User avatar
AMurray
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3835
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Script to detect malicious code

Post by AMurray » Sun Mar 04, 2018 6:35 am

You could also subscribe to Myjoomla.com - its audit service scans for such things.
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.

danjde
Joomla! Intern
Joomla! Intern
Posts: 57
Joined: Mon Dec 28, 2009 1:48 pm

Re: Script to detect malicious code

Post by danjde » Sat Mar 10, 2018 9:06 am

Thanks friends for your help, very appreciate ;-)

About Clamav, running it from command line on folder containing malicious php code (for testing), is doesn't detect anything!

I'm try to use joomlavs (https://github.com/rastating/joomlavs), hoping better than Clamav for malicious php code.. :-)


Thanks again!

Davide
http://www.cosmogonia.org - cosmogoniA
n o p r o v a r e n o f a r e o n o n f a r e n o n c e p r o v a r e


Post Reply

Return to “Security in Joomla! 3.x”