FUCK ME@#$#@$ Maybe hacked can somone look at this code for me please?
 

This seems to be on a lot of my web pages on my server
<.....script language...="ja.vascript">
window.open ("http://vb-aus.com/traff/index.php","","toolbar=1,location=1,status=1,men ubar=1,scrollbars=1");
window.focus ();
</sc.rip.t>
\
I put in . so it wont work here. Has anyone seen this before?
TOM

yes, it's the infamous "test popup" virus. very dangerous in the wild.

Ok its even on webpages that I havent even touched in months, is there a fix I need all info to show my host. How the hell grrrrr

there is no way to fix it. you are doomed.

it seems to be only on index.html pages

:321GFY :321GFY :321GFY :321GFY :321GFY

:helpme

Kaspersky blocked access to that page. So I guess it's full of shit code. How it could be on your page? No idea..Ask your host. Who is it?

yea its weird HAVE NO idea how it got on my pages I put in a request to the host and knowing my host they will have it taken care of asap. At least ya tried to help, Thanks bro

I have no clue on these types of things... IM doing another scan on my home pc to see if it is something on my end that caused this doubt it though.. There are static webpages on my server that has this code in it. If it aint one person trying to fuck you its a whole network :feels-hot

For one of the biggest boards I am very supprised to see no one knows of this :(

TOM

:feels-hot :feels-hot :helpme

what operating system is your webs server running?

LINUX

A bit more specific perhaps? There are many variations. :winkwink:

Linux version 2.4.20-28.7
([email protected]) (gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-126))

not hacked , but you have a virus on the server that re-wrote your html files.

dont just delete them.

notify your host that they have been hacked and make them fix it.

ps. dont let them try to convince you this was your fault ( unless its your own server then it is your fault kind of )

delete everything and throw your server away.

What host is it? And do you manage the box or is it managed?

Andre

is it reall worth dealing with?

not a virus on a linux server :)

Here are a few things you can do to prevent this from happening again:

1) switch to ssh from telnet and kill the telnet daemon.

2) kill the ftp daemon and use scp (with ssh)

3) modify the hosts.allow files to allow access from only a few IPs (for ssh)

and check your file permissions it is pretty weird that they rewrote all your files.
somehow they gained ftp access with privileges
or your permissions or server are not safely configured.

i have only seen virus attack IIS not apache.

Holy fuck i think i know what happend thanks all :)

If you were being hacked 9 times out of 10 your keys would be logged. And there is nothing a malicious hacker hates more than when you go running around talking about you got hacked. So in the future, get on another computer that is not infected or call someone and ask them to help or get help. Chatting with your friends or typing "Man I think I am being hacked" does nothing more than empower the person there watching you, they feed on fear and when they are found out, usually punish you by deleting files or using the info they have found about you.

Damn never thought about it like that, but it wasn't me being hacked Think we fig it out a simple mistake. But my hosting company is top notch and I really was never scared only thing I was, was pissed thinking I had to re upload things over again..

Thanks everyone for your input and inabon

:thumbsup

Tom