verycentral
04-27-2011, 10:12 AM
My bluehost sites have all been stopped by bluehost. It seems I was hacked, probably as a result of a trojan on one of my computers. The trojan has been removed, and all FTP accounts also removed. However I now have to remove a line of HTML from dozens of webpages, all with the file name index.html or index.php.
The line of code is as follows:
<img heigth="1" width="1" border="0" src="http://imgaaa.net/t.php?id=XXXXXXX">
After the ID there are seven digits, XXXXXXX, the last three of which change from instance to instance.
So using SSH, how do I execute a find and replace, remembering that the code in the line of HTML might disrupt an SSH find and replace - it has got inverted commas in it, for example. Also, I need to remove the last three digits, so a simple find and replace won't help - or rather, it would leave me with three digits.
If it's any help, the inserted html comes at the end of a page, after the </html>.
Thanks!
The line of code is as follows:
<img heigth="1" width="1" border="0" src="http://imgaaa.net/t.php?id=XXXXXXX">
After the ID there are seven digits, XXXXXXX, the last three of which change from instance to instance.
So using SSH, how do I execute a find and replace, remembering that the code in the line of HTML might disrupt an SSH find and replace - it has got inverted commas in it, for example. Also, I need to remove the last three digits, so a simple find and replace won't help - or rather, it would leave me with three digits.
If it's any help, the inserted html comes at the end of a page, after the </html>.
Thanks!