I have an old server, all php files are compromised by a malicious code on the first line of all files.
I would replace the first line by a simple line that contains <?php
could you advise me a linux command for doing this ?
thank you
To check
grep '\$efidomat.*\$otunim);' *.php
To delete in a directory
sed -i 's/\$efidomat.*\$otunim);//' *.php
To delete in directory tree
find . -type f -exec sed -i 's/\$efidomat.*\$otunim);
Parameters
$efidomat - the beginning of "my" malicious code.
$otunim - the end of "my" malicious code.
Here is a small python script that will work its way through all *.php files in its folder and create a modified version in a subfolder called new_files. Don't forget to create that subfolder before running the script!
import glob
for f in glob.glob("*.php"):
f_in=open(f,"r")
f_out=open("new_files/"+f,"w")
f_out.write("<?php\n")
for l in f_in.readlines()[1:]:
f_out.write(l)
f_out.close()
f_in.close()
I know it's not a linux command but if you create a file called "script.py" and install python the linux command would be "python script.py". Haha just kidding, I hope it is still helpful ;)
I write this :
grep 'create_";global' -rl | xargs sed '1 s/^.*$/<?php/g' -i
and I think it doing the job
Related
Here're my source files.
e2f9eb91-645f-408a-9241-66490b61a617_file-module-1.txt
d20f06a8-4de1-4da0-8175-93e9b2d81c42_file-module-2.txt
6740a19f-e1a0-43da-9a01-9e873238360e_file-module-3.txt
.
.
.
I need to figure it out a way to rename all the files to remove the first 36 characters up to _file or replacing as something else. I am expecting all the files are as below.
_file-module-1.txt or Yong_file-module-1.txt
_file-module-2.txt or Yong_file-module-2.txt
_file-module-3.txt or Yong_file-module-3.txt
.
.
.
Thanks in advance!
You can use rename like this:
rename --dry-run 's/.*_file/Yong_file/' *.txt
If you are on macOS, you can install rename with homebrew:
brew install rename
If you use mac, you can simply try this via UI:
https://support.apple.com/en-us/guide/mac-help/mchlp1144/mac
Or if you want to try those work via CLI:
https://www.howtogeek.com/423214/how-to-use-the-rename-command-on-linux/
(read from Renaming Multiple Files with mv)
This might help also; sed commands of linux:
https://www.geeksforgeeks.org/sed-command-in-linux-unix-with-examples/
and another stackoverflow article: bash substitute first character in every line
Easiest way to do this would be to use a combination of find, sed and xargs.
find . -name '*.txt' | sed 'p;s/.*_file/Yong_file/' | xargs -n2 mv
This finds text files in the current working directory, echoes the original file name (p) and then a modified name (s/.*_file/Yong_file/) and feeds it all to mv in pairs (xargs -n2).
If you would use zsh, you could do a
autoload zmv # Because zmv is not active by default
zmv '????????????????????????????????????(*module*txt)' '_$1'
Since you want to use bash, you could steal it from zsh and use it within bash like this:
zsh -c "autoload zmv; zmv '????????????????????????????????????(*module*txt)' '_$1'"
(These should be 36 question marks; better you count them again instead of blindly copying this code).
I am trying to filter out lines from a file through a bash script. I am able to find the path of the file from script location by running the command
Fgff=`find $D -maxdepth 1 -type f -name "*.gff"`
I can add a column to the found .gff file by running the command
sed -i '1 s/$/\tsample/; 1! s/$/\t'${D##*/}'/' $Fpsi
However if I try to filter the file and write the output in another file in the same folder then its not working.
grep 'ENSG00000155657\|ENSG00000198947' $Fgff > "$Fgff$filtered"
I want to know why grep is not working?
How can I filter all the lines having substring ENSG00000155657 or ENSG00000198947 in file apple.gff at ./dira/dirb/apple.gff and store it in ./dira/dirb/applefiltered.gff?
thanks
Providing that your $Fgff contains the correct filename, your grep command does exactly what you requested, searching for the string 'ENSG0000015565(7\|E)NSG00000198947' while you probably wanted '(ENSG00000155657)\|(ENSG00000198947)'.
How to rename files without changing extension in Linux \
102221.pdf to 102221_name.pdf
This is what you want I think:
for x in *; do mv "$x" "${x%.*}_name.${x##*.}"; done
${x%.*} will give the name of the file without extention
${x##*.} will extract the extentions
ls * | sed -r 'p;s/\.pdf$/_name\.pdf/g' | xargs -n2 mv
list all the files with ls and pipe the output to sed. sed replaces .pdf with _name.pdf and outputs both the original file name and the new file name to xargs with will call mv with the 2 parameters.
you can also use the rename command which is simpler
rename 's/\.pdf$/_name\.pdf/g' ./*
The regex pattern remains the same though
well i am not so good in linux.. but still found a working answer for you.. hope it will solve ur purpose..
check the given link.. you might need a light weighted tool called as jhead mainly its to get the header information about the file link created date and time and other.. you can find the information which suits you..
Answer
https://superuser.com/questions/90057/linux-rename-file-but-keep-extension
jhead
http://www.sentex.net/~mwandel/jhead/
I am trying to replace a specific link which exists on many html pages with its https version. I have tried:
grep -rl "http://server.iad.liveperson.net/hc/88956865/" ./ | xargs sed -i "s/http:\/\/server.iad.liveperson.net\/hc\/88956865\//https:\/\/server.iad.liveperson.net\/hc\/88956865\//g"
When I do this, even as sudo, I am getting
sed: couldn't open temporary file ./customers/sedTR3AMu: Permission denied
customers is just the first directory in ./. So, it is hanging on the first file I reckon, but not sure what is wrong beyond that.
Any help is appreciated!
First thing you should try is to run the sed command as stand alone, for a file that you previously know that contains that string. I have the feeling that the sed command might be complaining about the / characters...
You should try changing the sed command to something like:
sed -i 's;http://server.iad.liveperson.net/hc/88956865/;https://server.iad.liveperson.net/hc/88956865/;g'
That is, using ; instead of / as the delimiter, so you don't have to escape the / every time using \.
Had to run the command logged in as root because sed -i creates temporary files in /tmp and needed write access.
Thanks:Used jim's syntax with the semicolons which worked fine. ooga, I did not have to escape the literal periods.
Im struggling replacing filenames with parent folder name and conserving the different file endings.
Example;
.sp1/4287/4287/iho.cst
.sp1/4287/4287/iho.dbf
.sp1/4287/4287/iho.prj
.sp1/4287/4287/iho.shp
.sp1/4287/4287/iho.shx
renamed to;
.sp1/4287/4287/4287.cst
.sp1/4287/4287/4287.dbf
.
.
.
Im currently trying out zsh shell using zmv.
zmv '(*)/*' '$1/$1'
But this is matching all. I don't get how to escape the file endings (if possible). Also tried rename but without success.
Since I have multiple sp folders (sp2, sp3, ..spN) and since each e.g. sp1/ contain a lot of subfolders like 4287 with the same type of files, Im seeking a batch solution.
Any pointers would be appreciated.
UPDATE
This works when in spN/XXXX/;
zmv '(*)/*.(*)' '$1/$1.$2';
How can I write a loop going through the spN/XXXX/ folders and executing the above zmv code?
#!/usr/bin/env zsh
source ~/.zshrc
for i in ./*;
for y in i;
do
zmv '(*)/*.(*)' '$1/$1.$2';
done
I'm not really familiar with zmv, but I guess this will do it:
zmv '(*)/*.(*)' '$1/$1.$2'
I don't know zmv but try this script:
while read file
do
prefix=$(echo $file | sed 's|\(.*\)/.*$|\1|');
parent=$(echo $file | sed 's|.*/\([^/]\+\)/[^/]\+$|\1|');
child=$(echo $file | sed 's|.*/\([^.]\+\).*$|\1|');
ext=$(echo $file | sed 's|.*/[^.]\+\.\(.\+\)$|\1|');
mv "$prefix/$child.$ext" "$prefix/$parent.$ext"
done < <(find -type f)
EDIT: The first version doesn't work if the files or directories contains spaces.