Some stupid monkeys wasted their and my time infecting one of our websites. Now, it seems that the website has been compromised via ftp and a whole bunch of files have been infected. Having changed the ftp credentials, my idea now was to run find and sed to get rid of the code:
find . -type f -exec sed -i 's/term-to-search-for//g' {} \;
Now I need some help with the regex. The script starts with <script>
then there is some JS-code, then there's always a variable called egbserb
(which is never used elsewhere) and there's the closing tag (</script>
).
Two questions:
- This is what I tried:
script*egbserb*script
(keep it stupid simple), but it didn't work out. - If the code is written over more lines, how would I have to write the regex then?
Thanks a lot in advance!
Following should help you. (Assumption: I am working on test_regex file)