IFrame Injection Hack – Recovery

19 Dec, 2012 Tips and Tricks 0 Comments 2 Votes

If you’ve noticed traces of iframe injection attack on your website, you can use the following steps to try reverse the damage.

[alert]Backup your data prior to beginning this procedure.[/alert]

Use the following command to search for affected files in your web directory.

find . -type f | xargs grep -l '<iframe.*malware.com.*iframe'

Next, use the following command to search and replace on matched iframe text only.

find . -type f -exec sed -i 's/<iframe.*malware.com.*iframe>//g' {} ;

Replace malware.com with the actual name of the offending website.

The commands above will not work if you have filenames with blanks in their names. To fix this, use the following commands:

find . -type f -print0 | xargs -0 grep -l '<iframe.*malware.com.*iframe'

find . -type f -exec sed -i 's/<iframe.*malware.com.*iframe>//g' "{}" ;

Was this article helpful?

Spread the word!

Why should you choose #WebHostingBuzz? Our staff at WebHostingBuzz is passionate about everything related to… https://t.co/R4UgUEMJwl

2 years ago
Need to contact us? At #WebHostingBuzz, we have an experienced technical support team working around the clock 365… https://t.co/NVicUvPD31

2 years ago
"I was helped with an issue almost as soon as I requested and the issue was soon after fixed." https://t.co/oKCczEwSVF

2 years ago
Web Hosting Buzz has so much to offer clients when it comes to the latest advancements in IT systems. We invest in… https://t.co/NbRIrWZIpD

2 years ago
4 Mistakes to Avoid When it Comes to Security Software Installation. Read more: https://t.co/a7MAKrzGU5 https://t.co/hdWLixi8u8

2 years ago