Hacked Site - SSH 从 200 多个文件中删除大量 javascript [英] Hacked Site - SSH to remove a large body of javascript from 200+ files

问题描述

我被要求在 apache(php、JS、HTML)上清理一个被黑的网站，我可以这样做并且我已经实现了安全功能，但是仍然有 JS 注入了大约 2000 多个 javascript 文件.注入的代码在每一页上都是相同的，大约有 5500 个字符，中间散布着 !'' 字符.

I have been asked to clean a hacked site on apache (php, JS, HTML) which I can do and I have implemented security features, however there is still JS injected into about 2000+ javascript files. The injected code is the same on every page and about 5500 characters long with !'' characters interspersed.

理想情况下，我想运行一个 SSH 命令，从它所在的每个页面中查找并删除这个长代码.所有示例 find、grep、sed 等都只显示没有特殊字符的非常短的字符串.

Ideally I'd like to run a SSH command that would find and remove this long code from every page it is on. All of the examples find, grep, sed etc only show it for very short strings with no special characters.

感谢任何帮助.

推荐答案

尝试就地修复服务器毫无意义.将其擦除到裸机并从源代码管理重新部署.

There's no point to trying to fix the server in-place. Wipe it down to bare metal and re-deploy from source control.

一旦有人进入您的盒子，除非您将其全部烧毁，否则无法确保他们真的消失了.肯定没有什么神奇的命令可以为您解决这个问题.

Once someone has gotten into your boxes, there's no way to ensure they're really gone unless you burn it all down. There's certainly no magic command that can figure it out for you.

这篇关于Hacked Site - SSH 从 200 多个文件中删除大量 javascript的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！