Skip to content

Instantly share code, notes, and snippets.

@bungard
Created February 19, 2015 00:12
Show Gist options
  • Save bungard/c5545d6142b8540273b5 to your computer and use it in GitHub Desktop.
Save bungard/c5545d6142b8540273b5 to your computer and use it in GitHub Desktop.
Shell script to try and detect and clean common WP infections
grep -lr --include \*.php --exclude \*id3v2.php "%x[0-9]" . | tee infected-files.txt
while read -r filename ; do
cp -v "$filename" "$filename.dirty"
sed -i "s/<?php \$\w\+ = '.*%x[0-9].*?>//g" "$filename"
done < infected-files.txt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment