)/iU';
// Change $the_dir to the relative path you'd like to start searching/fixing in.
// You can use this if the script is timing out (or just move the script into subdirectories).
$the_dir = './';
function get_infected_files( $dir ) {
global $hack_str;
$dir = rtrim($dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
$d = opendir($dir);
$files = array();
if ( $d ) {
while ( $f = readdir($d) ) {
$path = $dir . $f;
if ( is_dir($path) ) {
if ( $f != '.' && $f != '..' ) {
$more_files = get_infected_files($path);
if ( count($more_files) > 0 ) {
$files[] = $more_files;
}
}
}
else {
if ( strpos($f, '.php') !== false ) {
$contents = explode("\n", file_get_contents($path));
if ( strpos($contents[0], $hack_str, 0) !== false ) {
$files[] = $path;
}
}
}
}
}
return $files;
}
function print_files( $files ) {
if ( count($files) > 0 ) {
foreach ( $files as $file ) {
if ( is_array($file) ) {
print_files($file);
}
else {
echo $file . '
';
}
}
}
}
function fix_files( $files ) {
global $hack_str;
global $hack_str_regex_to_replace;
foreach ( $files as $file ) {
if ( is_array($file) ) {
fix_files($file);
}
else {
$contents = explode("\n", file_get_contents($file));
//unset($contents[0]);
$contents[0] = preg_replace($hack_str_regex_to_replace, '', $contents[0]);
$f = fopen($file, 'w');
if ( $f ) {
$the_content = implode($contents, "\n");
//$the_content = preg_replace('/^\\s/', '', $the_content); // remove any leading whitespace.
fwrite($f, $the_content, strlen($the_content));
fclose($f);
echo "Removed first line containing " . htmlentities($hack_str) ." from $file...
";
}
}
}
}
function get_count( $files ) {
$count = count($files);
foreach ( $files as $file ) {
if ( is_array($file) ) {
$count--; // remove this because it's a directory
$count += get_count($file);
}
else {
$count ++;
}
}
return $count / 2;
}
?>
Infected Files in
0 ) :
if ( isset($_POST['do_fix']) ) :
fix_files( $files );
?>
Files cleaned up.
Scan Files Again