LittleDemon WebShell


Linux webm007.cluster106.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
Path : /home/eglisebaa/
File Upload :
Command :
Current File : /home/eglisebaa/nettoyage-backdoors-supplementaires.sh

#!/bin/bash
#
# Script de nettoyage des backdoors supplémentaires détectés
#

set -e

WP_ROOT="/home/eglisebaa/www"
cd "$WP_ROOT"

echo "🔴 NETTOYAGE DES BACKDOORS SUPPLÉMENTAIRES"
echo "=========================================="
echo ""

# Liste des fichiers/répertoires malveillants à supprimer
BACKDOORS=(
    "wp-admin/css/colors/coffee/widgets/index.php"
    "wp-admin/js/widgets/installers/137714/index.php"
    "wp-admin/js/widgets/installers/index.php"
    "wp-admin/user/106469/index.php"
    "wp-admin/includes/colors/726148/index.php"
    "wp-admin/images/includes/110056/index.php"
    "wp-content/mu-plugins/customize/817281"
    "wp-content/mu-plugins/customize/index.php"
    "wp-content/ai1wm-backups/579542/index.php"
    "wp-content/languages/themes/596990/index.php"
    "wp-content/languages/plugins/179808/index.php"
    "wp-content/themes/twentytwentyfour/parts/07/index.php"
)

BACKUP_DIR="backups-malware-$(date +%Y%m%d-%H%M%S)"
mkdir -p "$BACKUP_DIR"

for item in "${BACKDOORS[@]}"; do
    if [ -e "$item" ]; then
        echo "📦 Sauvegarde: $item"
        mkdir -p "$BACKUP_DIR/$(dirname $item)"
        cp -r "$item" "$BACKUP_DIR/$item" 2>/dev/null || cp "$item" "$BACKUP_DIR/$item"
        
        if [ -d "$item" ]; then
            echo "🗑️  Suppression du répertoire: $item"
            rm -rf "$item"
        else
            echo "🗑️  Suppression du fichier: $item"
            rm -f "$item"
        fi
        echo "✅ Supprimé"
        echo ""
    fi
done

# Supprimer les répertoires vides suspects
echo "🧹 Nettoyage des répertoires vides suspects..."
find wp-admin/css/colors/coffee/widgets -type d -empty -delete 2>/dev/null || true
find wp-admin/js/widgets/installers/137714 -type d -empty -delete 2>/dev/null || true
find wp-admin/js/widgets/installers -type d -empty -delete 2>/dev/null || true
find wp-admin/user/106469 -type d -empty -delete 2>/dev/null || true
find wp-admin/includes/colors/726148 -type d -empty -delete 2>/dev/null || true
find wp-admin/images/includes/110056 -type d -empty -delete 2>/dev/null || true
find wp-content/ai1wm-backups/579542 -type d -empty -delete 2>/dev/null || true
find wp-content/languages/themes/596990 -type d -empty -delete 2>/dev/null || true
find wp-content/languages/plugins/179808 -type d -empty -delete 2>/dev/null || true

echo ""
echo "✅ NETTOYAGE TERMINÉ"
echo "📁 Sauvegardes dans: $BACKUP_DIR"
echo ""

LittleDemon - FACEBOOK
[ KELUAR ]