Quote:
Originally Posted by Nejc
OK. Obviously this script doesn't do, what I would like, since it purged all my files. No harm done anyway, I did it on purpose on a testing website which was also spamed. 
Before I ran the script, I also tested only with sed using this code:
Code:
sed "s:<?php echo '<script language='JavaScript'>function e590206b977().*<\/script>'; ?>::" index.php > index.temp
|
Surely it won't do anything, since you removed two crucial backslashes before the closing tag
\/script>. It won't work without them:
Code:
sed "s:<?php echo '<script language='JavaScript'>function e590206b977().*<\\\/script>'; ?>::" index.php > index.temp
Quote:
|
I can say, that the above command of sed, just copies the file index.php to index.temp. Nothing else.
|
There is one thing for sure,
every single character counts, if you miss one the whole code will fail. Please copy/paste when testing.
I tested with your spam sample, and it worked fine; obviously, if you have another spam string, different from the one above, the code needs again
modifications.
The only important point about
sed's pattern is the greedy regex
.* , it'll match the whole portion of the string from the end of
...>function e590206b977() pattern up to the beginning of
<\/script> spam's closing tag.
