Last active
February 15, 2025 21:44
-
-
Save cPFence/a2dea38f60a5ccc051f5b386c848fb59 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Steps To Test WordPress Database Malware Scanning in cPFence | |
| 1. Access the container of the test WP: | |
| su - username | |
| cd public_html/ | |
| 2. Inject test malware into the database: | |
| # Run the following command to add a test malware to wp_options table: | |
| wp db query "INSERT INTO wp_options (option_name, option_value) VALUES ('test_malware_payload', '<script>eval(base64_decode(\"ZXZpdCgkX1BPU1RbJ2NtZCddKTs=\"))</script>');" | |
| # Run the following command to add a test malware to wp_posts table: | |
| wp db query "INSERT INTO wp_posts (post_title, post_content, post_status, post_type) VALUES ('Test Malware', '<script>eval(base64_decode(\"ZXZpdCgkX1BPU1RbJ2NtZCddKTs=\"))</script>', 'publish', 'post');" | |
| 3. Exit the container: | |
| exit | |
| 4. Run the database scan from cPFence Admin UI: | |
| - Go to Threat & Malware Detection. | |
| - Click Scan All WordPress Databases for Malware. | |
| - Review the results. | |
| - Or you can directly use the CLI if you prefer: | |
| cpfence --bulk-scan-wp-databases | |
| Note: | |
| This is just a sample payload to test detection. | |
| You can also add any other malware or malicious code you know for testing purposes. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment