Reputation: 389
Delete or replace first line of 3500 php files
I have an old server, all php files are compromised by a malicious code on the first line of all files.
I would replace the first line by a simple line that contains <?php
could you advise me a linux command for doing this ?
thank you
Upvotes: 0
Views: 143
Answers (3)
Reputation: 111
To check
grep '\$efidomat.*\$otunim);' *.php
To delete in a directory
sed -i 's/\$efidomat.*\$otunim);//' *.php
To delete in directory tree
find . -type f -exec sed -i 's/\$efidomat.*\$otunim);
Parameters
$efidomat - the beginning of "my" malicious code.
$otunim - the end of "my" malicious code.
Upvotes: 1
Reputation: 389
I write this :
grep 'create_";global' -rl | xargs sed '1 s/^.*$/<?php/g' -i
and I think it doing the job
Upvotes: 0
Reputation: 141
Here is a small python script that will work its way through all *.php files in its folder and create a modified version in a subfolder called new_files. Don't forget to create that subfolder before running the script!
import glob
for f in glob.glob("*.php"):
f_in=open(f,"r")
f_out=open("new_files/"+f,"w")
f_out.write("<?php\n")
for l in f_in.readlines()[1:]:
f_out.write(l)
f_out.close()
f_in.close()
I know it's not a linux command but if you create a file called "script.py" and install python the linux command would be "python script.py". Haha just kidding, I hope it is still helpful ;)
Upvotes: 0
Related Questions
- How can I remove a malicious line of code and replace it with the opening php tag using regex, in multiple files?
- Identify compromised PHP files
- Mass removal of malicious line from php files
- All PHP files getting hacked
- PHP/SSH regex script/command to delete identical malware code from many files
- Mass Find and Replace PHP Files
- Replacing a specific bit of text in all php files on a server?
- Replace strings in PHP files with shell script
- How can I search and replace all files recursively to remove some rogue code injected into php files on a wordpress installation?
- Cleanup php files from virus