Last active
February 4, 2020 14:40
-
-
Save hiranthi/7f95166b7fa7bf2e1ac0f3f1ab7e1c30 to your computer and use it in GitHub Desktop.
Veel WordPress websites zijn geïnfecteerd waarbij er verschillende injecties zijn toegevoegd die gerelateerd zijn aan 'adsformarket'. Alle bestanden handmatig nalopen & opschonen, is veel werk. Met deze bash-scripts kan het een stuk makkelijker doorlopen worden.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # WP_PATH definiëren | |
| export WP_PATH=$(pwd) | |
| search_adsformarket="snippet.adsformarket.com" | |
| file_adsformarket="../adsformarket.txt" | |
| touch $file_adsformarket | |
| adsformarketmalfiles=$(find -type f | grep -liR "${search_adsformarket}" $WP_PATH) | |
| for file in $adsformarketmalfiles; do | |
| if [ -f "$file" ]; then | |
| echo $file | |
| sed -i "s/<script type='text\/javascript' src='https:\/\/snippet\.adsformarket\.com\/same\.js'><\/script>//g" $file | |
| fi | |
| done | |
| printf "${adsformarketmalfiles[@]}\n" >> $file_adsformarket | |
| search_adsformarket="track.adsformarket.com" | |
| file_adsformarket="../track.adsformarket.txt" | |
| touch $file_adsformarket | |
| adsformarketmalfiles=$(find -type f | grep -liR "${search_adsformarket}" $WP_PATH) | |
| for file in $adsformarketmalfiles; do | |
| if [ -f "$file" ]; then | |
| echo $file | |
| sed -i "s/<script type=text\/javascript src='https:\/\/track\.adsformarket\.com\/t\.js'><\/script>//g" $file | |
| fi | |
| done | |
| printf "${adsformarketmalfiles[@]}\n" >> $file_adsformarket |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -z ${WP_PATH+x} ]; then | |
| # WP_PATH definiëren | |
| export WP_PATH=$(pwd) | |
| fi | |
| search_gfjfgjk="gfjfgjk" | |
| file_gfjfgjk="../gfjfgjk.txt" | |
| touch $file_gfjfgjk | |
| gfjfgjkfiles=$(find -type f | grep -liR "${search_gfjfgjk}" $WP_PATH) | |
| num_bytes=475 | |
| for file in $gfjfgjkfiles; do | |
| if [ -f "$file" ]; then | |
| echo $file | |
| dd if="$file" of="$file.truncated" bs=$num_bytes skip=1 && mv "$file.truncated" "$file" | |
| fi | |
| done | |
| printf "${gfjfgjkfiles[@]}\n" >> $file_gfjfgjk |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment