homepage Welcome to WebmasterWorld Guest from 54.242.231.109
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

    
bs.serving-tracking.com javascript injection
How does it get onto the site?
jastra




msg:4405886
 2:42 pm on Jan 11, 2012 (gmt 0)

Does anybody have experience with the bs.serving-tracking.com javascript injection?

I have a site that was reported by Google to be infected with the above code. In Webmaster Tools they gave an example of at least one page where the code was found.

Unfortunately for me (I don't know javascript) the code does not appear on any page when viewed live on the server-- it's only visible in the browser's VIEW > SOURCE.

So it is getting injected from some unknown file, and I still can't find it. The client, of course if apopleptic and I forsee hours of digging.

This site and a couple of others was hacked through Filezilla's XML password file. Javascript was only inserted into the first line of the index page. I changed the FTP password and that stopped. This latest episode (on only one of the 4 previously infected sites) may or may not be related.

I changed the FTP password and do NOT save them to the Filezilla site manager file any longer.

There is an email contact form on the site.

Any suggestions please?

 

penders




msg:4405906
 3:50 pm on Jan 11, 2012 (gmt 0)

This site and a couple of others was hacked through Filezilla's XML password file.


Where is this password file?

jastra




msg:4405911
 4:05 pm on Jan 11, 2012 (gmt 0)

penders, I sticky mailed you with a URL where I read of this issue.

penders




msg:4405921
 5:00 pm on Jan 11, 2012 (gmt 0)

The reason for my question is that this password file should be stored on your local machine - which I believe it is. If your sites have been hacked through access to this file then it sounds as if your computer has been infected with malware/virus!?

Whilst there is a potential vulnerability in Filezilla's XML files, this is only a problem if the host computer has been hacked.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved