Re: Site issues!
Posted: Thu Aug 28, 2014 5:17 am
If there was possibly a zero day vuln in phpBB and your server was used as a platform to launch other attacks, look for recently changed or added files in your web root directory.
Sadly, most antivirus software won't find web site hacks, but this one does: https://www.rfxn.com/projects/linux-malware-detect/
The problem is that it runs on Linux. However I was able to extract the signature files and run it with Clamwin (Clamav for Windows) to find some scary things on a Windows Server. It's pretty damned good at finding PHP IRC server scripts, command shells, nested base64 obfuscated code, DDoS scripts and most web nasties that AV software overlooks. Let me know if you need more info on this.
Sadly, most antivirus software won't find web site hacks, but this one does: https://www.rfxn.com/projects/linux-malware-detect/
The problem is that it runs on Linux. However I was able to extract the signature files and run it with Clamwin (Clamav for Windows) to find some scary things on a Windows Server. It's pretty damned good at finding PHP IRC server scripts, command shells, nested base64 obfuscated code, DDoS scripts and most web nasties that AV software overlooks. Let me know if you need more info on this.
