GoFuckYourself.com - Adult Webmaster Forum - View Single Post

funnybone · 05-20-2012, 03:03 PM

I had a similar hack on a site running Vbulletin 3 with a sneaky js redirect insert.

This is the shell script I used

Code:

for i in $(find . -name '*.php')
do
sed -i -r 's#eval\(base64_decode\([^\)]+\)\);##g' "${i}"
done

Only good if the code inserted starts with eval(base64_decode(.
That's just a temporary fix, though.

05-20-2012, 03:03 PM
funnybone Confirmed User Join Date: Apr 2006 Posts: 422	I had a similar hack on a site running Vbulletin 3 with a sneaky js redirect insert. This is the shell script I used Code: for i in $(find . -name '*.php') do sed -i -r 's#eval\(base64_decode\([^\)]+\)\);##g' "${i}" done Only good if the code inserted starts with eval(base64_decode(. That's just a temporary fix, though.