Malicious Script upload

L

lost

Well-Known Member
Aug 19, 2003
73
0
156
hello,
someone manages to upload a script line in this format to several of my servers. This script line shows up in random useraccounts in random folders.

<script>x=8;es="108;102;105;126;97;104;..........................etc.......etc...........

This script causes havoc for people visiting the affected websites.

Has anyone else had this happen and how do you protect against it? I.e. what mod_security rules could be effectively used?
If anyone can help, please respond

Thanks
L
 
R

ramprage

Well-Known Member
Jul 21, 2002
651
0
166
Canada
This sounds like an XSS attack. You need to find the source of where this is coming from.

EG:
# WEB-PHP PHP-Wiki cross site scripting attempt
SecFilterSelective THE_REQUEST "<script"
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
P Search for a malicious mail script Security 4
Bashed Malicious Spam Scripts Security 2
postcd SOLVED Malicious perl script on account Security 3
Bashed need help preventing malicious spam .php scripts Security 11
H Plugin to remove malicious scripts from website Security 3
Similar threads
Search for a malicious mail script
Malicious Spam Scripts
SOLVED Malicious perl script on account
need help preventing malicious spam .php scripts
Plugin to remove malicious scripts from website
Top Bottom