Question : During a routine security audit, the team identified an issue on the Nautilus App Server. Some malicious content was identified within the website code. After digging into the issue they found that there might be more infected files. Before doing a cleanup they would like to find all similar files and copy them to a safe location for further investigation. Accomplish the task as per the following requirements:
a. On App Server 2 at location /var/www/html/beta find out all files (not directories) having .php extension.
Please Note :- Perform the below commands based on your question server, user name & other details that might differ. So please read the task carefully before executing it. All the Best 👍
1. At first login on App server ssh steve@stapp02
2. Switch to root user : Sudo su -
3. Run the Below command to find the file with extension and copy in a folder
Note:- Please refer your task and replace extension accordingly
find /var/www/html/beta -type f -name '*.php' -exec cp --parents {} /beta \;
4. Validate the task by checking ll /beta folder
5. Click on Finish & Confirm to complete the task successful
Happy Learning!!!!
Apart from this if you need more clarity, I have made a tutorial video on this ,
please go through and share your comments. Like and share the knowledge
0 Comments