Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: javascript injection
Top Forums Shell Programming and Scripting javascript injection Post 302109419 by cbkihong on Monday 5th of March 2007 08:38:26 PM
Old 03-05-2007
Quote:
Originally Posted by fed.linuxgossip
Please advise a script to get rid of the following code which is infected in a large number of files ( in particular php and html files )
Why fix the infected files? Don't you keep a sane copy of your static pages and scripts offline at a safe place?

Your CGI/PHP/etc. ought to be implemented in such a way to have converted '<' and '>' received to '&lt;' and '&gt;' before generating the output. Injection will not have been successful if this check exists.
 

5 More Discussions You Might Find Interesting

1. Cybersecurity

Javascript injection only when referred by search engine.

My website has some weird malware installed in it. When I click on a link from a search engine (google, bing, or even yahoo) my pages get a string of javascript inserted into them. The page can be a simple "Hello World" and it will still inject a line of javascript into the page. Here is a screen... (1 Reply)
Discussion started by: noPermissions
1 Replies

2. OS X (Apple)

Code injection

Im needing to create a postinst script for a debian package. I need it to search for this line of script in a plist file located at /folder/folder/folder/folder/folder/file.plist <key>TESTKEYLINE</key> <true/> and after it create a new line and insert this code <key>KEYNAME</key>... (0 Replies)
Discussion started by: iModdr
0 Replies

3. Shell Programming and Scripting

SQL Injection Detection

I want to grep/awk /var/log/httpd/mysite-access_log.log and check if 2 words from the following appear in a single line: benchmark union information_schema drop truncate group_concat into file case hex lpad group order having insert union select from (12 Replies)
Discussion started by: koutroul
12 Replies

4. Red Hat

Cause PCIe error callbacks using AER injection

I am trying to cause a callback in the Linux nvme driver by using AER injection. I've modified the AER source code to directly inject errors through module loading rather than from userland program. I've verified that I got the correct bus, dev, and fn and that the error injection went... (0 Replies)
Discussion started by: Decrypto
0 Replies

5. Shell Programming and Scripting

Making a script secure to code injection

Heyas I've been told my scipts would be insecure, and to fix that. Figured i might rethink some parts of my coding style, meanwhile i tried to write an additional catcher. After reading: fail : Security Issues - didnt help too much, infact - it confused me even more. n/a:... (8 Replies)
Discussion started by: sea
8 Replies

LEARN ABOUT DEBIAN

php-config5

php-config(1)							Scripting Language						     php-config(1)

NAME

       php-config - get information about PHP configuration and compile options

SYNOPSIS

       php-config [options]

DESCRIPTION

       php-config is a simple shell script for obtaining information about installed PHP configuration.

OPTIONS

       --prefix       Directory prefix where PHP is installed, e.g. /usr/local
       --includes     List of -I options with all include files
       --ldflags      LD Flags which PHP was compiled with
       --libs	      Extra libraries which PHP was compiled with
       --man-dir      The directory prefix where the manpages is installed
       --extension-dir
		      Directory where extensions are searched by default
       --include-dir  Directory prefix where header files are installed by default
       --php-binary   Full path to php CLI or CGI binary
       --php-sapis    Show all SAPI modules installed on the Debian system
       --configure-options
		      Configure options to recreate configuration of current PHP installation
       --version      PHP version
       --vernum       PHP version as integer

       SEE ALSO
	      php(1)

VERSION INFORMATION

       This manpage describes php, version 5.4.4-14+deb7u14.

COPYRIGHT

       Copyright (C) 1997-2010 The PHP Group

       This  source  file  is  subject to version 3.01 of the PHP license, that is bundled with this package in the file LICENSE, and is available
       through the world-wide-web at the following url:
       http://www.php.net/license/3_01.txt

       If you did not receive a copy of the PHP license and  are  unable  to  obtain  it  through  the	world-wide-web,  please  send  a  note	to
       license@php.net so we can mail you a copy immediately.

The PHP Group							       2010							     php-config(1)
All times are GMT -4. The time now is 07:35 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy