Jump to content

Download: Global Suspicious File Checker


Recommended Posts

File Name: Global Suspicious File Checker
File Submitter: bfarber
File Submitted: 11 Jul 2006
File Category: IPB 2.1.x Tools

This tool should be uploaded to your public_html directory and visited in your browser.

It will list all files on your server and weight them in relation to IPB depending upon how suspicious they are.

A bold filename means that it's been modified in the past 7 days.
An orange filename means that it's over 100k in size (and most of the trojans are)
A red filename means it's likely to be a known trojan's filename or it was created by userid 99 (nobody).

Now, it is VERY important that you not just delete any files without knowing what you are doing. Check any suspected files out first...see if they really are bad scripts or not. Skin files can be cached as a different user than the web or ftp user at times, as it runs via php. Sometimes you apply patches and a file was recently modified. Just be sure what you are doing before deleting files you may need. Make a backup first.

This tool includes some helpful filters at the top. You can show all files, or you can filter by "larger than 100k", "user 'nobody'", or "modified within past 7 days".

This, like any other tool, is only as good as the operator makes it.

Click here to download this file

Link to comment


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...