My Website Hacked but can't find problem!

Discussion in 'Web Design and Development' started by Maxiseller, Jan 28, 2011.

  1. Maxiseller, Jan 28, 2011
    Last edited: Feb 17, 2011

    Maxiseller macrumors 6502a

    Maxiseller

    Joined:
    Jan 11, 2005
    Location:
    Little grey, chilly island.
  2. Maxiseller, Jan 28, 2011
    Last edited: Feb 17, 2011

    Maxiseller thread starter macrumors 6502a

    Maxiseller

    Joined:
    Jan 11, 2005
    Location:
    Little grey, chilly island.
    #2
    Code for page Google said is infected:

    Code removed.
     
  3. junker macrumors 6502

    junker

    Joined:
    Jul 3, 2006
    Location:
    An obtuse corner of the Triangle
    #3
    I honestly have no business commenting here, as my JS knowledge is terribly weak, but I liked the challenge. :)

    Would this be part of the problem maybe?

    allowScriptAccess="always"

    Does that allow foreign code to execute?

    Hopefully someone else solves this, cause I'm curious too.
     
  4. junker macrumors 6502

    junker

    Joined:
    Jul 3, 2006
    Location:
    An obtuse corner of the Triangle
    #4
    Also, is this smiley allowed in JS scripting?

    "clsid27CDB6E-AE6D-11cf-96B8-444553540000"

    Whoa...it won't paste. Well for me between id and 27 in that line I have a smiley face graphic....odd. Do you see it in the MR forum or is just in my browser?
     
  5. designguy79 macrumors 6502

    Joined:
    Sep 24, 2009
    Location:
    Michigan
    #5
    Did you know that there is a link to http://www.internet-ink.co.uk at the bottom of your page?

    If you didn't put it there, then someone else has access to your web files!

    Do you use FTP to upload your files? If so, it is important to know that FTP is sent in "plain-text", so anyone on the same network that you are can very easily "sniff" your FTP info.

    I would definitely change your FTP password and ask for a FTP log from your host (times and dates of FTP logins/login attempts)

    HTH,

    ~ Jeremy
     
  6. aykhwang macrumors newbie

    Joined:
    Feb 28, 2010
    #6
  7. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #7
    Yea, empty links hiding at the bottom of pages is definitely a red flag, and Google can spot these and very possibly is what caused the email to the OP. It's too bad Google's emails are never more helpful as it's their software that makes the detection.
     
  8. ChicoWeb macrumors 65816

    ChicoWeb

    Joined:
    Aug 16, 2004
    Location:
    California
    #8
    Looks fine from here. Usually it's a pretty obvious JS or iframe that has been maliciously inserted and it sticks out.
     

Share This Page