ConfigServer Community Forum

Hi Jonathan,
as always thanks for this great script that seems to be like the wine on time, every time is getting better,

Jonathan, could it be possible to have a CLEAN button that could repair a hacked file?

The CLEAN button could be associated with a file called CXS.CLEAN or with a form box where we could write the exact match of a particular code that we want to clean on one or more files at once, this will be a really nice addition to CXS and will save us a lot of time.

To elaborate a little bit further, this cleaning could be performed only in ascii files.

What you think?

Regards,

Sergio

I'll have a think about this, but it may really be outside of the responsibility that we want to keep cxs within.

Thread resurrection.

I was clearing up a site earlier and was thinking through the process.

I get an email with all the exploits/fingerprints/viruses etc but then cut out the filename from the email, paste in to a shell to view it and then I decide to either delete the file, quarantine it or edit it. Sometimes that's a lot of cutting/pasting.

Automating that process would be useful. So, could the email/report link to a web UI?

Each link in the report then opens the file in a web based text editor preferably with the exploit highlighted and the error message (Known exploit = [Fingerprint Match] [PHP Exploit [P0902]] etc). From there it's either edit and save, delete file or quarantine. Repeat for each exploit in the report.

Possible? Would this need changes to cxs or could a 3rd party pull in the logs?