Mass find/replace...

Marc Coyles mcoyles at
Fri Dec 5 01:18:08 PST 2008

> + not \; or you will fork on every result.
> Additionally, is this injected code one long string or broken down
> by the
> mailer? Grep isn't the best way to deal with it. It's pretty easy
> to correct
> with perl, bit trickier if it's multiline, still not too hard:
> find /home/horbury -type f -exec \
> 	perl -pi.bak -e 's,<\? /\*\*/eval\(base64_decode\(.*?\?>,,s' {} +

Sadly that didn't work. It created .bak files for everything within /home/Horbury recursively, but didn't make any changes - the base64_decode is till present. 

Additional point to note: this only needs performing on .php files, not all files... 

Would I be correct in guessing it's because the string for perl to search for omits a space?

IE: within the files, it's as follows:
<?php /**/eval(base64_decode('thestring')); ?>

Whereas the perl appears to be looking for:

Also... how to delete all files ending in .bak recursively? *grin*

I'm presuming it'd be:

Find /home/horbury -type f -name "*.bak" -exec \
	Rm *.bak



More information about the freebsd-questions mailing list