1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Solution to <IFRAME> and JAVA SCRIPT HACK

Discussion in 'Security' started by Irfi0009, Jun 24, 2008.

  1. dusk

    dusk Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #21
    For the first time i've encountered the problem of an iframe-virus myself, I searched and searched for a solution, also made a script to remove the iframe injections automatically but that's just a little bandage on an open wound...it does the job of removing the entries but it doesn't protect against such an attack. I actually had to force the admins of my site to cleanup their pc's before I granted them acces to the ftp-account again.
    As mentioned in this thread there's only the solution of reformatting the pc/mac (ow yeah it does embed itself into macos to :s) ...changing passwords of all ftp accounts on the server and panels (d.a. , cpanel)...
    SEMrush
    Till now i haven't found another solution :s
     
    dusk, Jul 10, 2009 IP
    SEMrush
  2. zeewaqar77

    zeewaqar77 Active Member

    Messages:
    399
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    60
    #22
    Thanks for the help.... I am suffering badly for this IFrame S****
     
    zeewaqar77, Sep 25, 2009 IP
  3. SecureCP

    SecureCP Guest

    Messages:
    227
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #23
    Good work. Many people have complained that it's not them and only the host. I've recently found the same issue in insecure directories which a file is uploaded and then once accessed it deploys the code to all of your .php files. This particular version affected only php files, not text nor html nor java, etc... just php. I've also found that if the root file is not removed, the code will continue to replicate like cancer in your site.

    Another version I've caught which is much more obvious to webwasters is one that will cut all of the affected files in have rather than injecting them in a unseen/unheard manner. Odds are you'll be missing half of a site or you'll see parse errors.

    I must stress, always make backups. Once the site is clean, and you know for sure it's clean, not just google saying it's clean, create a full backup and set it aside, maybe on a cd/dvd/thumbdrive, not your hdd, just in case.
     
    SecureCP, Sep 25, 2009 IP
  4. Your Lover For Ever

    Your Lover For Ever Peon

    Messages:
    172
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #24
    thanks for the tips
    We really need this
     
    Your Lover For Ever, Oct 9, 2009 IP
  5. SecureCP

    SecureCP Guest

    Messages:
    227
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #25
    More signs, your server may be making tons of connections to 88.151.113.6 or other IPs you don't recognize.

    You really have to look for these. This one I just mentioned isn't an iframe, but a base64.

    If anyone needs help, holler.
     
    SecureCP, Oct 9, 2009 IP
  6. shren.ching

    shren.ching Guest

    Messages:
    54
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #26
    thanks for suggestion
     
    shren.ching, Nov 2, 2009 IP
  7. n3r0x

    n3r0x Active Member

    Messages:
    257
    Likes Received:
    4
    Best Answers:
    1
    Trophy Points:
    70
    #27
    Note: 90% of these hacks are made due to iStealers and other passwordstealers the so called "hacker" put on warez sites and torrentsites. Easy fix Stop downloading "FreeWare" from untrusted sources.
     
    n3r0x, Nov 3, 2009 IP
  8. shren.ching

    shren.ching Guest

    Messages:
    54
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #28
    I am agree with with solution but it is not worked in majority virus problems.
     
    shren.ching, Nov 23, 2009 IP
  9. ads2help

    ads2help Peon

    Messages:
    2,148
    Likes Received:
    68
    Best Answers:
    1
    Trophy Points:
    0
    #29
    ads2help, Nov 24, 2009 IP
  10. Irfi0009

    Irfi0009 Banned

    Messages:
    17,586
    Likes Received:
    33
    Best Answers:
    1
    Trophy Points:
    48
    #30
    Yes that is most important.
     
    Irfi0009, May 27, 2010 IP
  11. gopkris2000

    gopkris2000 Peon

    Messages:
    86
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #31
    All my files are infected with iframe.. Its very difficult to remove each and every files in my linux server. Is there any simple command to search and remove iframe injection code in every files?
     
    gopkris2000, May 30, 2010 IP