Hacker Term Search

From James Dooley's Wiki
Revision as of 12:47, 19 May 2011 by 10.30.6.195 (talk) (Created page with "==Overview== Simple find statement coupled with a grep statement. Will return path of any file containing these terms. ==Script== <code>[bash,n] find /home*/ -type f -name "*...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Overview

Simple find statement coupled with a grep statement. Will return path of any file containing these terms.


Script

[bash,n] find /home*/ -type f -name "*.htm*" -o -type f -name "*.php" -print0 | xargs -0 grep -il "hacked by\|script kitten" >> malware_hits.txt

What to change

Change the terms in the grep statement.

Hacked by is the most common, Kittens use the same terms on all of their pages. No need to be original.

Additional terms can be added if looking for a specific hacker group.

Retrieved from "http://wiki.jamesdooley.us/index.php?title=Hacker_Term_Search&oldid=92"