/
/
home
/
melaqxso
Server: server63.web-hosting.com (198.54.116.184)
You: 216.73.216.61
PHP 7.4.33
Dir:
/home/melaqxso
Edit:
/home/melaqxso/.bash_history
cd ~/public_html SITES=("public_html" "allshadesofwellness.com" "nymetrocualumni.com") cd ~/public_html find . -type f -name .htaccess ! -path ./.htaccess ! -path ./wp-content/uploads/.htaccess -delete cat > .htaccess <<'HTEOF' # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress HTEOF mkdir -p wp-content/uploads cat > wp-content/uploads/.htaccess <<'HTEOF' <FilesMatch "\.php$"> Require all denied </FilesMatch> HTEOF cd ~/allshadesofwellness.com find . -type f -name .htaccess ! -path ./.htaccess ! -path ./wp-content/uploads/.htaccess -delete cat > .htaccess <<'HTEOF' # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress HTEOF cat > wp-content/uploads/.htaccess <<'HTEOF' <FilesMatch "\.php$"> Require all denied </FilesMatch> HTEOF mkdir -p wp-content/uploads cd ~/nymetrocualumni.com find . -type f -name .htaccess ! -path ./.htaccess ! -path ./wp-content/uploads/.htaccess -delete cat > .htaccess <<'HTEOF' # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress HTEOF mkdir -p wp-content/uploads cat > wp-content/uploads/.htaccess <<'HTEOF' <FilesMatch "\.php$"> Require all denied </FilesMatch> HTEOF ~/ cd ~ curl -L -o latest.zip https://wordpress.org/latest.zip unzip -q -o latest.zip cd ~/public_html rm -rf wp-admin wp-includes cp -r ~/wordpress/wp-admin ~/wordpress/wp-includes ./ cp -f ~/wordpress/*.php ./ cd ~/allshadesofwellness.com rm -rf wp-admin wp-includes cp -r ~/wordpress/wp-admin ~/wordpress/wp-includes ./ cp -f ~/wordpress/*.php ./ cd ~/nymetrocualumni.com rm -rf wp-admin wp-includes cp -r ~/wordpress/wp-admin ~/wordpress/wp-includes ./ cp -f ~/wordpress/*.php ./ cd ~/public_html grep -R -n "base64_decode" . grep -R -n "gzinflate" . grep -R -n "eval(" . cd ~/allshadesofwellness.com # same 3 grep commands # same 3 grep commands cd ~/nymetrocualumni.com cd ~/allshadesofwellness.com grep -R -n "base64_decode" . grep -R -n "gzinflate" . grep -R -n "eval(" . cd ~/public_html grep -R -n "base64_decode" . grep -R -n "gzinflate" . grep -R -n "eval(" . cd ~/nymetrocualumni.com grep -R -n "base64_decode" . grep -R -n "gzinflate" . grep -R -n "eval(" . cd ~/public_html find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; cd ~/allshadesofwellness.com find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; cd ~/nymetrocualumni.com find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; cd ~/public_html find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; cd ~/public_html cd ~/allshadesofwellness.com grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 cd ~/nymetrocualumni.com grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 cd ~/public_html grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 cd ~/allshadesofwellness.com grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 cd ~/nymetrocualumni.com grep -R --line-number -E "base64_decode|gzinflate|str_rot13|eval\(" . | head -n 50 cd ~/public_html && find . -type d -exec chmod 755 {} \; && find . -type f -exec chmod 644 {} \; cd ~/allshadesofwellness.com && find . -type d -exec chmod 755 {} \; && find . -type f -exec chmod 644 {} \; cd ~/nymetrocualumni.com && find . -type d -exec chmod 755 {} \; && find . -type f -exec chmod 644 {} \; cd ~/public_html # any PHP inside uploads? (should be none) find wp-content/uploads -type f -name "*.php" -print # scan only plugin/theme/upload PHP for suspicious functions # check for drop-ins/mu-plugins (often abused) grep -R --line-number --include="*.php" -E "eval\(|base64_decode\(|gzinflate\(" wp-content | head -n 50 ls -l wp-content/ | egrep "mu-plugins|advanced-cache.php|db.php|object-cache.php|sunrise.php" || true cd ~/allshadesofwellness.com find wp-content/uploads -type f -name "*.php" -print grep -R --line-number --include="*.php" -E "eval\(|base64_decode\(|gzinflate\(" wp-content | head -n 50 ls -l wp-content/ | egrep "mu-plugins|advanced-cache.php|db.php|object-cache.php|sunrise.php" || true cd ~/nymetrocualumni.com find wp-content/uploads -type f -name "*.php" -print grep -R --line-number --include="*.php" -E "eval\(|base64_decode\(|gzinflate\(" wp-content | head -n 50 ls -l wp-content/ | egrep "mu-plugins|advanced-cache.php|db.php|object-cache.php|sunrise.php" || true find ~/public_html/wp-content/uploads -type f -name "*.php" find ~/allshadesofwellness.com/wp-content/uploads -type f -name "*.php" find ~/nymetrocualumni.com/wp-content/uploads -type f -name "*.php" <Files *.php> deny from all </Files>
Ukuran: 5.0 KB