Cara mencari lokasi shell backdoor melalui server

Discussion in 'Masalah Teknik dan Keamanan' started by nans, 28 Feb 2013.

Thread Status:
Not open for further replies.
  1. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Permisi.....
    saya ingin bertanya seputar keamanan.... cara mencari letak shell backdoor yang ditanam oleh yang ngehack caranya gimana ya kalo via ssh di server... biar bisa dilihat dimana lokasi backdoornya kemudian kita bisa menghapusnya...


    Mohon bimbingannya ya para master security hoster semua... maklum nubi... :o
     
  2. ngaco

    ngaco Apprentice 1.0

    Messages:
    218
    Likes Received:
    20
    Trophy Points:
    18
    pake rkhunter atau chkrootkit ngaruh ga ya?
     
    nans likes this.
  3. jaapns

    jaapns Hosting Guru Web Hosting

    Messages:
    3,269
    Likes Received:
    443
    Trophy Points:
    83
    paket LMD bang , Linux Malware Detect, utak atik configurationnya , run daily cron nya + setting emailnya,

    jadi kalo ada shell tertangkap akan di email dan di infokan letak backdoornya .

    Referensi : hxxp://www.rfxn.com/projects/linux-malware-detect/
     
    nans likes this.
  4. idcolo

    idcolo Apprentice 1.0 Web Hosting (Company)

    Messages:
    336
    Likes Received:
    29
    Trophy Points:
    28
    cara manualnya..

    berikut beberapa perintah yang sering di gunakan sama si embah heker

    cara mencarinya
    lihat hasilnya

    contoh barbutnya ada disini
    Contoh hasil yg di temukan
    heeker.jpg
     
    galuh82, nans, Babah and 2 others like this.
  5. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Baik... saya coba dulu y ... makasih banyak sarannya.. :)
     
  6. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1

    saya coba ya .... makasih banyak sarannya... :)
     
  7. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1

    wah... makasih bang... mantabs... ijin praktek dlu... :cool:
     
  8. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1


    Wah.... makasih banyak banget bang.... saya penasaran bener sama ini shell dimana nancepnya..... ijin praktek,..:cool:
     
  9. BennyKusman

    BennyKusman Hosting Guru DWH Guardian Web Hosting (Company)

    Messages:
    2,234
    Likes Received:
    239
    Trophy Points:
    63
    untuk full search, bisa di ketik juga:
    grep -RPn "(passthru|shell_exec|system|phpinfo|base64_decode |chmod|mkdir|fopen|fclose|readfile) *\(" /home/*public_html/* >> hasil.txt
     
    nans likes this.
  10. nans

    nans Beginner 1.0

    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1

    Bang IDColo.... setelah saya coba caranya, kemudian saya lihat hasilnya pada file hasil.txt ternyata banyak sekali..... langkah selanjutnya bagaimana bang... :help:
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...