Remove repeated malicious script using shell script

We can use below code to remove repeated malicious scripts

#!/bin/bash

pattern_1=”<FilesMatch \”.(py|exe|php)$\”>”

pattern_2=”[ ]*Order allow\,deny\n”

pattern_3=”[ ]*Deny from all\n”

pattern_4=”[ ]*<\/FilesMatch>\n”

pattern_5=”[ ]*<FilesMatch \”\^(about.php|radio.php|index.php|content.php|lock360.php)$\”>\n”

pattern_6=”[ ]*Order allow\,deny\n”

pattern_7=”[ ]*Allow from all\n”

pattern_8=”[ ]*<\/FilesMatch>\n”

complete_pattern=”$pattern_1\n$pattern_2$pattern_3$pattern_4$pattern_5$pattern_6$pattern_7$pattern_8″

replacement_1=””

replacement_2=””

replacement_3=””

replacement_4=””

replacement_5=””

replacement_6=””

replacement_7=””

replacement_8=””

complete_replacement=”$replacement_1$replacement_2$replacement_3$replacement_4$replacement_5$replacement_6$replacement_7$replacement_8″

filename=”.htaccess”

echo “”

echo “Replacing the lines..”

sed -i “/$pattern_1/{

N;N;N;N;N;N;N;N;N;

s/$complete_pattern/$complete_replacement/

}” $filename

Notes :

– Special characters must be escaped with a backslash \

– [ ]* — This will match 0 or many whitespaces. Standard RegEx notation

– sed -i “/$pattern_1/{ — This will search the file, line-by-line, for pattern_1 [<FilesMatch “.(py|exe|php)$”>].

– N;N;N;N;N — N tells sed to read the next line after the pattern and attach it to current line.

– s/$complete_pattern/$complete_replacement/ — Replace $complete_pattern with $complete_replacement.

To run this script recursively in all folders and sub folders

function recursive_for_loop {
for f in *; do
if [ -d $f -a ! -h $f ];
then
cd — “$f”;
echo “Replacing the contents in folder `pwd`/$f”;
sed -i “/$pattern_1/{
N;N;N;N;N;N;N;N;N;
s/$complete_pattern/$complete_replacement/
}” $filename
# use recursion to navigate the entire tree
recursive_for_loop;
cd ..;
fi;
done;
};
recursive_for_loop

Remove repeated malicious script using shell script

July 25, 2023HTTP Requests with Axios - Practical Guide with Examples

April 26, 2023Quick ride through Magento 2 Architecture

April 25, 2023Magento 2 Commands

April 18, 2023Steps to increase the speed of Magento 2.4 web site

April 18, 2023How to create a stored procedure in Magento 2.4

Let's get something awesome together

Services

Technologies

Connect