My site was hacked. And there is a code. What is it?

A

Azat Kiberov2019-01-13 10:59:37

JavaScript

Azat Kiberov, 2019-01-13 10:59:37

I went to the site. And I was redirected to another page.
I looked at the source code of my site and there I found this:

<script type="text/javascript">var pi={width:88,height:31,color:'2D8700'}</script>
<script type="text/javascript" src="http://www.e-partner.ru/a/base/pi.js"></script>

Looked at this code http://www.e-partner.ru/a/base/pi.js
There is the following:

/*
    NOTICE! You've requested a file that is not available for remote inclusion.
*/
try{
    window.location = 'http://www.e-partner.ru';
}catch(e){
    var rframe = document.createElement("iframe");
    rframe.setAttribute('width','1px');
    rframe.setAttribute('height','1px');
    rframe.setAttribute('frameborder','0');
    rframe.setAttribute('id','rfx');
    rframe.setAttribute('src','http://www.e-partner.ru');
    document.body.appendChild(rframe);
}

How was it embedded on my website? And how did it get there?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dmitry Kovalev, 2019-01-28
@PriestFromRL

How was it hacked? Yes, whatever you like - a backdoor, hacking the admin panel itself and there are many such options. The only thing that can be said is an exploit. All) More can not be said here. If there is old code, at least a week old, then look at their differences and remove the exploit.

R

Robur, 2019-03-09
@Robur

What's the code? - forces the user who came to your site to download also www.e-partner.ru. Why - who knows, maybe they just wind up views, maybe they track users.
How did he get to you? Do you want people to guess by the stars? Look for someone who understands and let him look at your site / server.