This PHP script scans your WordPress database for suspicious entries in the wp_options table, identifying common malicious code patterns like <script>, eval, base64_decode, and document.write. It assists in detecting and mitigating potential malware threats to your WordPress installation.
- Efficient Malware Detection: Scans for common malicious patterns in the
wp_optionstable. - Flexible Usage: Run via a web browser or command line.
- Security First: The script only reads the database and does not perform any destructive actions.
- Ease of Use: Designed for quick deployment with minimal configuration.
- Customizable: Easily edit the script to fit your specific requirements.
- Download the
scanner.phpscript or copy the code from here. - Open the file in any text editor.
- Update the following database placeholders:
your_db_host: Database host (e.g.,localhost).your_db_username: Database username.your_db_password: Database password.your_db_name: WordPress database name.
- Upload
scanner.phpto your WordPress directory (or any accessible directory on your server).
- Access the script in your browser, e.g.,
http://yourwebsite.com/scanner.php.
- Log into your server and execute:
php /path/to/scanner.php
- The script displays suspicious entries (name and truncated value) for your review.
- Manually inspect and clean any suspicious entries using tools like phpMyAdmin or direct database queries.
After use, delete the scanner.php file from your server to avoid unauthorized access.
-
Integration with Aikido.dev:
Future versions will integrate with Aikido.dev to streamline detection and provide real-time updates on vulnerabilities and solutions. -
Matrix Optimization Scripts:
Testing various approaches through scriptsmatrix1.sh,matrix2.sh, andmatrix3.sh. These experimental batch scripts aim to enhance system configurations with varying methodologies. Outputs may require expertise for review, especially concerning bit sizing.
-
Translation to PHP:
Batch functionalities frommatrix.shseries will be migrated to PHP for better platform independence and adaptability. -
Advanced Malware Patterns:
Expanding detection capabilities to include emerging malware trends. -
Result Export:
Generate detailed reports in JSON, XML, or PDF formats.
- Unexpected Output: Experimental features in the
matrix.shseries may yield unexpected results requiring specialized expertise. - Scope: Focused on the
wp_optionstable; malware in other tables may go undetected. - Pattern Recognition: May not detect obfuscated or non-standard malware patterns.
- Translate batch scripts to PHP for better compatibility.
- Optimize the
matrix.shseries outputs and bit sizing mechanisms. - Add support for automatic database cleanup (optional, with confirmations).
- Develop a GUI-based version for non-technical users.
For support, suggestions, or queries, reach out via email:
📧 [email protected]
Stay updated on the latest developments and announcements:
📰 KVNBlog
This script is a diagnostic tool to help identify potential vulnerabilities. It does not guarantee complete protection or malware detection. Always maintain up-to-date backups of your WordPress database and files.