|

»

»

»

Determine if your site has been defaced

View: New views

8 Messages — Rating Filter: Alert me

	Determine if your site has been defaced by Jeff Siegel :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Anyone know of a PHP script that can be run from a cron and which can check whether a website has been defaced? Thanks, Jeff _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by Dan Cech :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Jeff Siegel wrote: > Anyone know of a PHP script that can be run from a cron and which can check whether a website has been defaced? cURL + preg would do the trick I'd imagine. Dan _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by Tim Lieberman :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Pretty trivial to write one if you can come up with a decent definition for "defaced". For what's supposed to be a static page, you could use "Changed" as the definition for defaced. If the content changes, you could test for some string that should always be there. Either one can probably be tested in just a handful of lines of PHP. -Tim On Oct 8, 2008, at 2:36 PM, Jeff Siegel wrote: > Anyone know of a PHP script that can be run from a cron and which > can check whether a website has been defaced? > > Thanks, > > Jeff > > > > > _______________________________________________ > New York PHP Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > NYPHPCon 2006 Presentations Online > http://www.nyphpcon.com > > Show Your Participation in New York PHP > http://www.nyphp.org/show_participation.php _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by Joseph Crawford :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message there is a nice os x application that can be used for this, I am not sure if you use OS X though :) http://sunflower.coleharbour.ca/ On Oct 8, 2008, at 4:36 PM, Jeff Siegel wrote: > Anyone know of a PHP script that can be run from a cron and which > can check whether a website has been defaced? > > Thanks, > > Jeff > > > > > _______________________________________________ > New York PHP Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > NYPHPCon 2006 Presentations Online > http://www.nyphpcon.com > > Show Your Participation in New York PHP > http://www.nyphp.org/show_participation.php _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by John Campbell-6 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Wed, Oct 8, 2008 at 4:36 PM, Jeff Siegel <jeff987654@...> wrote: > Anyone know of a PHP script that can be run from a cron and which can check whether a website has been defaced? I use Google Alerts, and use a search query like: site:example.com viagra OR levitra OR cialis OR penis OR hacked It's not fool proof, but it takes about 10 seconds to setup. Regards, John Campbell _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by sbeam-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Wednesday 08 October 2008 16:39, Dan Cech wrote: > Jeff Siegel wrote: > > Anyone know of a PHP script that can be run from a cron and which can > > check whether a website has been defaced? > > cURL + preg would do the trick I'd imagine. interesting :) but yeah PHP is not needed. also md5/sha1 might do the trick, combined with curl GOODHASH=399257fc956120012baf094ffd7eed9b; \ HASH=`curl -s www.yoursite.com \| md5sum`; \ if [ "$HASH" != "$GOODHASH" ]; then mail -s "uh-oh" you@...; fi where you first get the value of "GOODHASH" with the same command as in HASH above. enjoy, Sam _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by csnyder :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Wed, Oct 8, 2008 at 4:45 PM, John Campbell <jcampbell1@...> wrote: > On Wed, Oct 8, 2008 at 4:36 PM, Jeff Siegel <jeff987654@...> wrote: >> Anyone know of a PHP script that can be run from a cron and which can check whether a website has been defaced? > > I use Google Alerts, and use a search query like: > > site:example.com viagra OR levitra OR cialis OR penis OR hacked > > It's not fool proof, but it takes about 10 seconds to setup. > Don't the alerts get nabbed by your spam filter? _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
	Re: Determine if your site has been defaced by Jeff Siegel :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks to all for your suggestions. Since the sites are usually dynamic...I kinda like Tim's suggestion of placing a string on the page, perhaps in a set of comment tags, and parsing for that string. Jeff _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php

LightInTheBox - Buy quality products at wholesale price!