View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions find what php script is spamming
Log in to Ask a Question

find what php script is spamming

general

Hi I had a bit of a look on the web but can not find anything simple, how could I trace what scripts are using phpmail to send spam?

2 Replies

````
find /path/to/scripts -type f | xargs file | grep -i "PHP script" | cut -d':' -f 1 | xargs grep -ni "mail"

````

Unless the code to send mail uses sockets directly (in which case grep for "socket" instead of "mail"), or is stored as encoded string and eval()'d, meaning you could look for eval()s that should not be there.

If you've got PHP scripts on your system sending spam, there's a good chance your box has been compromised and should be wiped clean.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct