Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest sNews - sNews 1.7 - with its own forums - for discussion and user mods.

Pages: 1 [2]

Author Topic: Javascript injection problem  (Read 7285 times)

Fred K

  • Still trying to learn stuff
  • ULTIMATE member
  • ******
  • Karma: 130
  • Posts: 2728
    • Personal
Re: Javascript injection problem
« Reply #15 on: December 29, 2007, 07:45:24 am »

Found some renegade files in a cgi-bin folder... should've thought to look there first.
However, there also seems to be some redirection at play (which I haven't set up), trying to redirect all incoming traffic to the site to the recently uploaded mobi1 template. After I'd removed all template folders you unfortunately get a permission denied message instead of anything else. I've put the host techs on it, but, being the holiday season and all, who knows when this will be sorted out.

I will be setting up a space on another domain for the templates, temporarily, though mobi1 will not be included...
Thanks for the support -- this community is truly the best one around -- and all I can say right now is: blame the asshats.
Logged

Sasha

  • Hero Member
  • *****
  • Karma: 28
  • Posts: 938
    • cssanarchy.com
Re: Javascript injection problem
« Reply #16 on: January 01, 2008, 09:09:04 am »

...

If anyone's interested in taking a look, add oldfiles/ before templates/ (example: www.frdk.com/oldfiles/templates/apple-green/), but be warned that it may still have the javascript running on it -- I can't find the generating file or command anywhere so currently I can't stop it... very aggrevating.


do not use FTP to look into your root directory.you must log in trhu your host web page and then look files.also you cannot delete folder thru FTP..You must log in again thru your web hosting web site and then go to your rooth ;)

some time FTP or other programs canot see malicus code
« Last Edit: January 01, 2008, 09:11:34 am by Sasha »
Logged
Every morning, I get up and look through the 'Forbes' list of the richest people in America. If I'm not there, I go to work. | If you love your job, you haven't worked a day in your life. snews with ♥

Fred K

  • Still trying to learn stuff
  • ULTIMATE member
  • ******
  • Karma: 130
  • Posts: 2728
    • Personal
Re: Javascript injection problem
« Reply #17 on: January 01, 2008, 09:26:36 am »

Thanks Sasha, but I did both ways. Ok, first time I did use my FTP client, but when that didn't have any effect --seemingly-- I used the cPanel's file manager to view and delete files. Which made no difference. (There were no malicious files visible in the file manager.) I always use my FTP client in "show invisible files" mode when I'm suspecting there may be renegade items on a server -- but that may not be enough. I don't know.
Logged
Pages: 1 [2]