I just noticed that my website got hacked and all the .php files have a base64 encode string on line 1. The string is the same across every file so...
How can I search my entire root directory and remove this?
try:
find /path/to/dir -type f -name '*.php' -exec sed -i '/string-to-remove/{1d;}' '{}' \;
edit:
added -name '*.php' to restrict this to .php files.
added sed matching directive
Related
I have a Linux server and want to search all the .htaccess files in all the folders (public_html webroot and subfolders) that have a certain word (eg ldap) in it. I also want the file paths returned to these .htaccess files with the word in it and saved to a text file.
Can I do this with grep or find and what syntax is optimal.
I tried find . -type f -printf '"%p"\n' | xargs grep ldap > /tmp/results.txt but want to only search .htaccess files exclusively.
Thanks
Following your example, try using:
find . \( -type f -name .htaccess \) -print0 | xargs -0 grep -H ldap > /tmp/results.txt
this find will list null-terminated files .htaccess in . directory, and xargs -0 pass them to the grep. grep -H ldap will list files containing ldap string with filenames.
Using a one-line bash command with GitBash on windows, using find and cp, I am backing up a bunch of script files that exist in multiple sub-directories. I am currently backing them up to a single directory. As you can imagine, naming conflicts arise. This is easy enough to avoid with the --backup=numbered option which creates a copy of the file. However, the problem with this is that it puts the number AFTER the file extension, naming the file like this: example.js.~2~. What I want is to preserve the file extension and name the file like this: example2.js rather than putting the number after the file extension. Is there any way to do this?
Another option would be to prepend the directory name (from the directory that it is being copied from) to the file that is being copied instead of adding a number. I would accept either of these as a solution.
Here is what I have so far:
find . -path "*node_modules*" -prune -o -type f \( -name '*.js' -or -name '*.js.map' -or -name '*.ts' -or -name '*.json' \) -printf "%h\n" -exec cp {} --backup=numbered "/c/test/" \;
Any help would be appreciated! Thank you!
what about :
#!/bin/bash
# your find command here
FILES=$(find . -type f .....)
# loop through files and create a new filename with the path within ( slashes replaced by underscores
for FILE in $FILES; do
NEW_FILENAME=$(printf "%s" "$FILE" | sed s/\\//_/g)
cp "$FILE" "/c/test/${NEW_FILENAME}"
done
from your question, I am unsure if a one liner is mandatory...
I want to copy all the log files from a directory which does not contain log files, but it contains other subdirectories with log files. These subdirectories also contain other subdirectories, so I need something recursive.
I tried
cp -R *.log /destination
But it doesn't work because the first directory does not contains log files. The response can be also a loop in bash.
find /path/to/logdir -type f -name "*.log" |xargs -I {} cp {} /path/to/destinationdir
Explanation:
find searches recursively
-type f tells you to search for files
-name specifies the name pattern
xargs executes commands
-I {} indicates an argument substitution symbol
Another version without xargs:
find /path/to/logdir -type f -name '* .log' -exec cp '{}' /path/to/destinationdir \;
I am using Linux CentOS. I have many folders inside my www directory and there are a lot of files inside those folders. I would like to change in those files:
www.mysite.com
to
www.myNewSite.com
Is there a way to run q command and that will replace all?
You can use sed command. Below is the command. I tested and seems working.
[chatar#/Users/chatar]$ find test -name '*.php'
test/folder1/one.php
test/folder1/two.php
test/folder2/four.php
test/folder2/three.php
[chatar#/Users/chatar]$ find test -type f -name '*.php' -exec grep www {} \;
www.mysite.com
www.mysite.com
www.mysite.com
www.mysite.com
[chatar#/Users/chatar]$ find test -type f -name '*.php' -exec sed -i -e 's/mysite/myNewSite/g' {} \;
[chatar#/Users/chatar]$ find test -type f -name '*.php' -exec grep www {} \;
www.myNewSite.com
www.myNewSite.com
www.myNewSite.com
www.myNewSite.com
[chatar#/Users/chatar]$
sed --in-place 's/www.mysite.com/www.myNewSite.com/g' *.php
should do the trick.
You can also use a Perl on-liner:
perl -pi -e 's/www\.mysite\.com/www.myNewSite.com/g' *.php
If you want to keep copies of the original files (with .bak extensions), use:
perl -pi.bak -e 's/www\.mysite\.com/www.myNewSite.com/g' *.php
I want to find and remove code in all .htaccess files and directories under /home directory
RedirectMatch \.(dynamiccontent|pl|plx|perl|cgi|php|php4|php4|php6|php3|shtml)$ http://domain.com/cgi-sys/movingpage.cgi
What is the bash command to do this job ?
edit:
i tried this command
find /home*/*/public_html/ -mindepth 1 -iname "\.htaccess" -type f -exec grep -Hi "RedirectMatch*" '{}' \;
but this command find only the code , not remove it , also the code find all redirectmatch code not the specific code i mention at the first of my question
You can probably try this sed command:
sed -i.bak '/RedirectMatch \\\.(dynamiccontent/d' .htaccess