ConfigServer eXploit Scanner - cxs v2.27

Scan Resource
You should read through the Documentation before performing any scans to understand what each of the following options does.
All cPanel users		Scan all user accounts
All cPanel users	start after	Scan selected user accounts
All cPanel users	start from end with	Scan selected user accounts
cPanel user		Scan this users login directory
File/Directory		A file or directory to scan
public_html scan		Only scan within the public_html/ subdirectory when all users or one user selected above
Scan Report (will display to screen if none selected)
Report file		Write scan report to this file
Log file		Append suspicious scan report files to this file
Email		Send scan report to email address
SMTP		Send scan report email via SMTP instead of sendmail
Exploit Scan
Exploit scan		Perform exploit scanning
Exploit Scan Options (standard)
(m) regex pattern match	(O) socket	Exploit scan specified checks only
(L) symlink	(f) suspicious file name/type
(S) SUID file	(G) GUID file
(c) core dump file	(Z) scan within zip, tar, tar.gz and tar.bz2 files
(e) Linux binary or executable file	(x) Windows binary or executable file
(h) suspected exploit file	(d) suspicious directory name
(n) hidden directory owned by nobody	(M) fingerprint match
(w) world writable directory	(D) Decode PHP compressed (e.g. base64) scripts
(R) Match the PHP decode regex
Exploit Scan Options (advanced)
These advanced options can be dangerous (change file permissions, delete files or identify innocent files as suspicious) and you should read and understand the documentation before enabling any of them. None of these options will save as defaults from this UI.		Advanced exploit scan options
(T) identifies all PHP, Perl, and other script files as suspicious	(W) world writable directory (777), chmod to 755
(P) Test account D/B config file passwords via FTP	(E) all email scripts
(C) core dump file, delete
Virus Scan
Virus scan		Perform virus scanning with ClamAV
Virus Scan Options
(f) suspicious file name/type	(h) suspected exploit file	Virus scan specified file types only
(e) Linux binary or executable file	(x) Windows binary or executable file
(T) all PHP, Perl, and other script files	(m) regex pattern match
Ignore File
Ignore file		A file containing resources for scanning to ignore
Xtra File
Xtra file		A file containing a list of regular expression matches and filenames that cxs will additionally scan for
Quarantine
Quarantine Directory		Move suspicious files to Quarantine directory (must already exists and chmod 1777). However, since the likelihood of a false-positive is relatively high, it is recommended that a strict set of Quarantine Options is specified for manual scans.
Quarantine Options
(m) regex pattern match	(M) fingerprint match
(S) SUID file	(G) GUID file
(e) Linux binary or executable file	(x) Windows binary or executable file
(h) suspected exploit file	(c) core dump file
(T) all PHP, Perl, and other script files	(E) all email scripts
(v) virus	(f) suspicious file name/type
Other options
Quiet output		Stop cxs displaying progress output (use for cron jobs)
Show statistics summary		Display statistics for each scan
Maximum size		Maximum text file size to scan
Maximum resources		Skip scanning a directory if it contains more than this number of resources (files, directories, etc.)
ClamAV clamd socket		Location of the clamd socket
Deep scan		This option will scan all text files for all regex matches, not just file extension or type specific ones
Display md5sum		Display md5sum of a file if there is a regex match
Throttle cxs		Sleep if load is greater than this
Run scan as a background process		If you select Run Scan, this will launch the cxs scan job as a background process and not wait to display output
Action (based on the options selected above)
&nbs

Upgrade
You are running the latest version of cxs. An Upgrade button will appear here if a new version becomes available

cxs: v2.27