[SSH] Search in PHP for Backdoors

1. _____ _____ _ _____ _____ _____ _____ _____ _____
2. ___| | __ |_| _ |_ _|___ ___|_ _| __| _ | |
3. |_ -| --| -| | __| | | |- _|___| | | | __| | | | |
4. |___|_____|__|__|_|__| |_| |___| |_| |_____|__|__|_|_|_|
5. |s C R i P T z - T E A M . i N F O|████████████████████████████
6.  
7. - iNfO -
8.  
9. [SSH] Search in PHP for Backdoors
10.  
11. - NOtIcE -
12. LOGiN TO SSH:
13.  
14. Use Unix / Linux grep command to search c99 or r57 shell (replace /var/www/html/ with your path!):
15.  
16. grep -iR 'c99' /var/www/html/
17. grep -iR 'r57' /var/www/html/
18. find /var/www/html/ -name \*.php -type f -print0 | xargs -0 grep c99
19. grep -RPn "(passthru|shell_exec|system|base64_decode|fopen|fclose|eval)" /var/www/html/