The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how to find a file name

Discussion in 'Security' started by coldclimber, Jan 13, 2012.

  1. coldclimber

    coldclimber Active Member

    Joined:
    Aug 19, 2010
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    Instead of having to go through each site in my home directory by hand is there a fast way to scan my home directory for a particular php file saymyfile.php as i have found a suspicious file in a few sites and need to ensure that all sites on the server do not have this file in them.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    652
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You could use the "find" command to search for a specific filename within all accounts on your system. Here is an example of such a command:

    Code:
    find /home -iname "passwd" -type f
    The above command would list all files named "passwd" within your /home directory.

    Thank you.
     
  3. coldclimber

    coldclimber Active Member

    Joined:
    Aug 19, 2010
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    great thanks is there an option to delete all files called "passwd" once they are listed
     
  4. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Code:
    find /home -iname "passwd" -type f  -exec rm {} \;
    
     
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    That command to delete is very dangerous, because it doesn't prompt to confirm each file for deletion nor does it actually provide a list of the files being deleted. It simply scans and removes them. I would stress to anyone using such a command to first list the files so you will know what files you are going to delete.

    I foresee a slew of tickets or posts where someone deleted all of their passwd files from /home/username/etc locations due to baseline running the command without making any changes nor ensuring what files were being removed. This would be a terrible thing to happen on a machine.
     
Loading...

Share This Page