- Edited
So I was wondering if one can figure out how a malware infiltrated itself into a website's ftp directory (the malware is the eval(base64_decode) malware that replicates itself into every PHP file) by analyzing the access or ftp server logs. Any particular hints on how to catch this annoying thing? (maybe in turn figuring out the vulnerabilities on the website)