UCJ users who are having encoded javascript added to their index page - GoFuckYourself.com

V_RocKs · 01-27-2005, 02:42 PM

More and more UCJ users are coming to me and asking about a script that embeds itself into their index pages. This script is being added by apache. Someone has hacked your server and replaced the httpd file. A quick fix is to modify the body tags by adding a space between the last character in the tag and its closing bracket.

This:

Quote:

Becomes this:

Quote:

Next, have your host recompile apache and reinstall it. Then copy that reinstalled file somewhere on your server so you can just copy it back if this happens again. Then, figure out how they got in and make sure you have read and complied with the UCJ security announcement pinned at their forum and in the news section of your UCJ admin.

Nysus · 01-27-2005, 02:45 PM

Is this related to the recent security hole found? Been fixed for most people.. though I guess if someone was targetting your site they could make changes quickly.

Matt

01-27-2005, 02:45 PM	#2
Nysus Confirmed User Industry Role: Join Date: Aug 2001 Posts: 7,817	Is this related to the recent security hole found? Been fixed for most people.. though I guess if someone was targetting your site they could make changes quickly. Matt __________________ What name is pr0 / Untouched Markets using these days? Untouched Markets - pr0 - Refund My Money Now Someone owes me $2,000 because they didn't do any work that was paid for pointing at pr0 / William / UntouchedMarkets See https://gfy.com/fucking-around-and-business-discussion/948258-untouchedmarkets-pr0-refund-money-post16744521.html and for more detailed see https://gfy.com/fucking-around-and-business-discussion/948645-re-recent-bullshit-drama-explained-detail-pr0-untouched-markets.html