Basic Backdoor Script Finder

Updated: November 17, 2011

The Basic Backdoor Script Finder is simple tool that will find some of the most popular backdoor scripts that are placed on websites. It will not detect all possible backdoor scripts at that would require falsely identifying many files that are not backdoor scripts. In some cases a backdoor maybe added to an existing file, so in those cases you will need to replace the version containing the backdoor with a clean version of the file. While it has been designed to not produce false-positives, you should check any files identified by it before deleting the files. If you do find a false-positive please let us know so that we improve the tool. It can detect the Gumblar backdoor, Web Shell by boff, Web Shell by oRb, Goog1e_analist, and other backdoors.

If you website does contain a backdoor script it is very important to determine how it got there because if you do not fix that vulnerability another backdoor script could be placed on the website.

To use the Basic Backdoor Script Finder download the tool (basicbackdoorscriptfinder.zip, basicbackdoorscriptfinder.bz2, basicbackdoorscriptfinder.7z), uncompress it, place it in the directory you want checked, and call the file in your web browser or from the command line. Then the tool will display any files that it detects contain a backdoor script.

Related:

Services

• Hacked Website Cleanup
• Hacked Drupal Website Cleanup
• Hacked Joomla Website Cleanup
• Hacked Magento Store Cleanup
• Hacked MediaWiki Wiki Cleanup
• Hacked Moodle Website Cleanup
• Hacked osCommerce Store Cleanup
• Hacked phpBB Forum Cleanup
• Hacked WordPress Blog Cleanup
• Hacked Zen Cart Store Cleanup

Resources

• Secure Your Website From Hackers
• Unobfuscate PHP Hack Code