douwei3172 2013-09-09 08:06
浏览 107

正则表达式删除和保留行

I'm looking to use the following regex line to remove malicious code from my site;

find -type f -name \*.php -exec sed -i 's/.*eval(base64_decode(\"CmVycm.*/<?php/g' {} \;

This will preserve <?php which I want but I noticed that many of the injections are throughout php files on multiple lines, meaning not just the very first <?php So is it possible to do an if do otherwise statement where if its on line 1 of a php file preserve the php tag otherwise remove the entire line if its anywhere else?

  • 写回答

2条回答 默认 最新

  • dongzhucha3999 2013-09-09 08:35
    关注

    Instead of saying:

    sed -i 's/.*eval(base64_decode(\"CmVycm.*/<?php/g'

    say:

    sed -i 's/eval[(]base64_decode[(]["]CmVycm.*//g'

    This would preserve the <?php tag and also remove the malicious code from lines where the tag doesn't exist!

    EDIT: As commented by Birei, you can say:

    sed -i -e '1 s/.*eval[(]base64_decode[(]["]CmVycm.*/<?php/g' -e '2,$ s/.*eval[(]base64_decode[(]["]CmVycm.*//g'
    评论

报告相同问题?

悬赏问题

  • ¥20 ML307A在使用AT命令连接EMQX平台的MQTT时被拒绝
  • ¥20 腾讯企业邮箱邮件可以恢复么
  • ¥15 有人知道怎么将自己的迁移策略布到edgecloudsim上使用吗?
  • ¥15 错误 LNK2001 无法解析的外部符号
  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能
  • ¥15 jmeter脚本回放有的是对的有的是错的
  • ¥15 r语言蛋白组学相关问题