Anjing Webshells

Website : rimsha.abasa.com
: / home / sohaib /
Filename : scan.sh
back
#!/bin/bash

# Yeh folders jahan tumhari websites/projects hain
BASE="/var/www"

# Wo patterns jo malware mein sab se zyada use hotay hain
PATTERNS='(base64_decode\(|gzinflate\(|str_rot13\(|eval\(|assert\(|shell_exec\(|system\(|passthru\(|exec\(|obfuscate|preg_replace\("/e"|curl |wget )'

# Wo folders jinko scan nahi karna
EXCLUDES="node_modules|vendor|.git|logs|backup|cache|wp-content/uploads|.next|dist"

echo "=== Malware Scan Start Ho Raha Hai ==="
echo ""

for site in "$BASE"/*; do
    if [ -d "$site" ]; then
        
        SITE_NAME=$(basename "$site")

        # Skip unnecessary dirs
        if [[ "$SITE_NAME" =~ ^(html|boldgrid_backup)$ ]]; then
            continue
        fi

        echo "🔍 Scanning: $SITE_NAME ..."

        # Scan command
        MATCH=$(grep -RIEil "$PATTERNS" "$site" --exclude-dir={$EXCLUDES} 2>/dev/null)

        if [ -z "$MATCH" ]; then
            echo "✅ $SITE_NAME => Clean (koi suspicious file nahi mili)"
        else
            echo "❌ $SITE_NAME => Infected"
            echo "⚠ Suspicious files:"
            echo "$MATCH" | head -n 10
            echo "   (sirf 10 files dikhayi ja rahi hain, aur bhi ho sakti hain)"
        fi

        echo ""
    fi
done

echo "=== Scan Complete ==="