Zum Inhalt springen

TABLE OF CONTENT:

What is „wp-rex“?
- a script, that can help you finding malware in your wordpress installation
- easy to use, just upload it to your wordpress directory
- usable via http/https-request, usable via ssh/cli
- open-source, you do not have to pay anything
What is „wp-rex“ not?
- a 100%-guarantee to find all malware in your wordpress installation
- a magic tool, that cleans your wordpress in some mysterious way
Where can I get this script?
How do I use it?
- upload the file into your wordpress directory
- visit this file in your favorite web-browser, e.g. mywordpressblog.com/wp-rex.php
- use this tool on the command line interface via
php wp-rex.php
- maybe you need to state the absolute path to php, e.g.
/usr/bin/php
What checks are being made?
- wordpress core file checksum comparison
- check for files modified in the last seven days
- check all files for malicious code snippets from common malware samples
What features will be implemented soon?
- check for suspicious file permissions, e.g. executable wp-config.php (Why would anybody do this?!)
- check for additional files, which do not belong there
- check for common malware filename patterns
- return results in an array
- add a scoring procedure, calculating the chance, that a malware attack has been executed
- continously updated malware samples
Can I request a feature?
Nach oben scrollen