0 ) {
$files[] = $more_files;
}
}
}
else {
if ( strpos($f, '.php') !== false ) {
$contents = explode("\n", file_get_contents($path));
if ( strpos($contents[0], ' 0 ) {
foreach ( $files as $file ) {
if ( is_array($file) ) {
print_files($file);
}
else {
echo $file . '
';
}
}
}
}
function fix_files( $files ) {
foreach ( $files as $file ) {
if ( is_array($file) ) {
fix_files($file);
}
else {
$contents = explode("\n", file_get_contents($file));
unset($contents[0]);
$f = fopen($file, 'w');
if ( $f ) {
$the_content = implode($contents, "\n");
fwrite($f, $the_content, strlen($the_content));
fclose($f);
echo "Removed first line containing eval(base64_decode)from $file...
";
}
}
}
echo "
Done!
";
}
function get_count( $files ) {
$count = count($files);
foreach ( $files as $file ) {
if ( is_array($file) ) {
$count--; // remove this because it's a directory
$count += get_count($file);
}
else {
$count ++;
}
}
return $count/2; //double counting :-)
}
?>
Infected Files in
0 ) :
if ( $_POST['do_fix'] ) :
fix_files( $files );
die();
endif;
print_files($files);
?>