Remove Injected PHP code from hackers

Here’s a quick little php script to batch process all your .php files and remove base64_decode junk if your site has been hacked. Just save this as a php file, upload it to your website and visit that page in your web browser.

$tmpdir = "./";
$rmcmd = `find $tmpdir -name "*.php" -type f | xargs sed -i 's#<?php /\*\*/ eval(base64_decode(".*?>##g' 2>&1`;
echo "Finished";