-1

I was just browsing my server and found a suspicious file in one of the directories. It's a .sh file, and after researching it, I understand that it's the Linux equivalent of a Windows batch file.

That's good to learn...but I didn't put it there. And I have only located one instance of it, here's the code:

#!/bin/bash

#(filename).jpg

for file in $(find . -name '*_?_*.jpg' -print)
do
newfile=$(echo $file | sed 's/_\(.\)_/_0\1_/')
mv $file $newfile
done

The (filename) is my replacement for the filename in this script.

What I want to know, in order to learn from this, is if this was a malicious file and what it looks like it's purpose may have been?

Again, I did not place this file there, I don't routinely access my server through SSH, so this raised some concern. Any help would be genuinely appreciated. Thanks!

4

1 回答 1

3

The script just renames .jpg files which have a name like:

Nice_Picture_2_.jpg

to

Nice_Picture_02_.jpg

no malware

于 2013-05-08T22:34:13.973 回答