How to find all files of a particular size in a particular directory
Last weekend, I worked on a Linux malware cleaning project. After 30 minutes of finding, I found 2 suspected scripts that are not included in Drupal by default. I soon realized that there are many of them, and I have a very limit access to his website (just normal account SSH access). Fortunately, after doing some research, I found that I can easily find all files of a particular size in his home directory. Simple like that: Suppose we want to find all files that has size = 1234 bytes and in /home/codepie directory, just type the following command
find /home/codepie -type f -size 1234c -exec ls {} \;
You might wonder what does ‘c’ in command mean. As units you can use:
- b – for 512-byte blocks (this is the default if no suffix is used)
- c – for bytes
- w – for two-byte words
- k – for Kilobytes (units of 1024 bytes)
- M – for Megabytes (units of 1048576 bytes)
- G – for Gigabytes (units of 1073741824 bytes)
Additionally, you can also search for bigger (+) or smaller (-) files. Just add a plus (+) or minus (-) for bigger and smaller files, respectively.
find /home/codepie -type f -size +1234c -exec ls {} \;
Have fun finding!