FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


(Unsolved) Malicious Javascript Code





LostOverThere
Hello,

Recently, some of my files on my server have had malicious javascript code inserted into them. The code seems to link back to http://blog.nodisposable.com and has been evident in a number of my files.

I was wonder whether, firstly, there was a way to scan the contents of my files to check for the malicious code, and secondly if there was anything I could do to prevent this from happening again.

I have changed my passwords, and scanned my computer time and time again to make sure it's clean and nothing comes up (with Spybot: Search and Destroy, Ad-Aware Pro, and SuperAntiSpyware).

Thank-you.
SonLight
You could backup your site, download it, and do a search for the bad site name (probably after unzipping). There might be a simpler way using ftp.

I went to the site you mentioned since I don't run Windows and do not worry much about malware. It is in German and I didn't see any obvious clues to who they are.

I hope you are able to clean it up OK.
silverdown
You can check this out

Code:
http://thepcsecurity.com/scan-or-check-websites-for-malware-4-free-tools/


Also using a password with numbers at the begining, end or both will prevent a brute force from optianing it.
LostOverThere
Thanks silverdown, but unfortunately it didn't really help.

Any other suggestions?

Really, I just want to know if firstly, there was a way to scan the contents of my files to check for the malicious code, and secondly if there was anything I could do to prevent this from happening again.
LostOverThere
Sorry for the double bump, but I was wondering if anyone had any other suggestions?
AftershockVibe
This can be done pretty easily using Linux command line tools. Download the site to your local computer and use the following:

Code:
cd /somedirectory
find . -type f | xargs grep -l "STRING THAT YOU WANT"


That will give you a list of files containing the string. If you don't have linux installed then you can use a live CD.

As for preventing it happening again, ensure that your software is up-to-date as well. Old versions may contain security exploits that allow write access to your files.
LostOverThere
AftershockVibe wrote:
This can be done pretty easily using Linux command line tools. Download the site to your local computer and use the following:

Code:
cd /somedirectory
find . -type f | xargs grep -l "STRING THAT YOU WANT"


That will give you a list of files containing the string. If you don't have linux installed then you can use a live CD.

Fantastic, this really helped! Thank-you so much. Now I'm just hoping it wont happen again. Smile
Related topics
how to hide Javascript code into GIF Image?
Malicious script I can't seem to get rid of...
breaking code lines on javascript
javascript code that rock
PB PHP, Iframe and Javascript
Tutorial: Image Rollovers w/ Javascript
Java tutorials
Help needed with Javascript and overflow
What's your JavaScript editor?
Javascript conversion
How? : Javascript Select All [solved]
Is this javascript valid?
javascript huge problem
Hide Email Address With Javascript - Worth It?
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Web Hosting Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.