Skip to content

Instantly share code, notes, and snippets.



Last active Nov 10, 2015
What would you like to do?
PHP/Drupal Malware Remover
# Observe the mess, exclude the unnecessary
# -r: Recursive
# -I: Skip binaries
grep -rI --color "return base64_decode(\\$.*);" /path/to/www/root
# Clean the mess
# -r: Recursice
# -I: Skip binaries
# -l: Show full filenames of matched files
# -Z: Ensures that filenames are zero- (i.e., nul-) terminated so that a name containing white space does not get interpreted in the wrong way
# xargs -0: Feeds the filenames from grep to "rm -f", separating words by zero (nul) bytes
# -- is very important to mark the end of options and allow for removal of files whose names begin with "-" character
grep -rlIZ "return base64_decode(\\$.*);" /path/to/www/root | xargs -0 rm -f --
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment