iframe hackers

Discussion in 'Programming' started by Blogmaster, Apr 4, 2007.

  1. #1
    A friend of mine keeps getting his servers hacked, with iframes added to the pages. Does anyone here have an idea what can be done to stop it? Thanks a lot in advance.



    Mike
     
    Blogmaster, Apr 4, 2007 IP
  2. Gunda

    #2
    Is he using any PHP-related software, or are these HTML pages?
     
    Gunda, Apr 4, 2007 IP
  3. Smyrl

    #3
    I have read on this forum some code you can put in your pages that will break them out of others' iframes. Don't know if that would help with this scenario.
     
    Smyrl, Apr 4, 2007 IP
  4. ServerUnion

    #4
    How about just securing the server?
     
    ServerUnion, Apr 4, 2007 IP
  5. Blogmaster

    #5
    Here is what he told me:

    ... we've seen both... PHP sites, and sites with nothing but HTML getting hit.

    There are also 2 kinds of attack: one sticks straight iframe text in, the other uses a self-decrypting JavaScript that writes the iframe to the users' browser.
     
    Blogmaster, Apr 4, 2007 IP
  6. clancey

    #6
    I agree with ServerUnion, your friend needs to make sure the server is secure. It is not possible for someone to edit your page so that it contains frames and/or malicious javascript without having access to the actual document.

    This is not to say that going to your friend's site from another one cannot cause it to be displayed in a frame instead of on its own page -- or that any AJAX pages cannot be interfered with by a hacker who is managing to get someone to access your site from theirs.
     
    clancey, Apr 4, 2007 IP
  7. phper

    #7
    Sounds very much like an XSS (Cross-Site Scripting) issue here.
    Does the site allow users to input something to it? e.g.: post a message, add a comment, etc. If it does, you need to make sure that any HTML special characters (angle brackets, ampersands, quotes, et al) are properly "sanitized".
    i.e.: angle brackets should be converted to &gt; and &lt;, ampersands to &amp;, quotes to &quot;, ...
     
    phper, Apr 4, 2007 IP
  8. Blogmaster

    #8
    Will try to find that thread.
     
    Blogmaster, Apr 4, 2007 IP
  9. ccoonen

    #9
    Verify that the folder has only read/script access, no WRITE access. XSS is possible; just remove the interactive forms... one by one to see which one is getting hacked...
     
    ccoonen, Apr 4, 2007 IP
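
An added example, not code from anyone in this thread: a small Python audit of a web root that flags the two injection styles described in post #5 (a literal hidden iframe, and script that decodes a string and writes it into the page) together with the world-writable paths post #9 says to check for. The regex heuristics, the file extensions, the function names and the sample files are assumptions made for illustration, and POSIX permission bits are assumed.

```python
import os, re, stat, tempfile

# Assumed heuristics (this example's own, not signatures from the thread).
HIDDEN_IFRAME = re.compile(
    r"<iframe\b[^>]*(?:(?:width|height)\s*=\s*[\"']?[01](?:px)?\b"
    r"|display\s*:\s*none|visibility\s*:\s*hidden)", re.I)
DECODE_AND_WRITE = re.compile(
    r"(?:document\.write(?:ln)?|eval)\s*\(\s*"
    r"(?:unescape|decodeURIComponent|String\.fromCharCode|atob)\s*\(", re.I)
PAGE_EXT = (".html", ".htm", ".php", ".js")

def scan_webroot(root):
    """Return sorted (relative path, finding) pairs for everything under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # permission bits on a symlink are not meaningful
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if stat.S_ISREG(mode) and name.lower().endswith(PAGE_EXT):
                with open(path, encoding="utf-8", errors="replace") as fh:
                    text = fh.read()
                if HIDDEN_IFRAME.search(text):
                    findings.append((rel, "hidden-iframe"))
                if DECODE_AND_WRITE.search(text):
                    findings.append((rel, "decode-and-write-script"))
    return sorted(findings)

def demo():
    pages = {  # constructed sample files, not taken from any real site
        "index.html": '<body>Hi<iframe src="http://injected.example/" width=0 height=0></iframe></body>',
        "about.html": '<body><iframe src="/map.html" width="600" height="400"></iframe></body>',
        "menu.js": 'document.write(unescape("%3Cp%3Emenu%3C/p%3E"));',
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in pages.items():
            with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
                fh.write(body)
            os.chmod(os.path.join(root, name), 0o644)
        os.mkdir(os.path.join(root, "uploads"))
        os.chmod(os.path.join(root, "uploads"), 0o777)  # the setting post #9 warns about
        return scan_webroot(root)

if __name__ == "__main__":
    print("\n".join(f"{finding:24} {rel}" for rel, finding in demo()))
```

The visible, normally sized iframe in `about.html` is deliberately not reported; hits are leads to review against a known-good copy of the site, not proof of compromise.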