Virus from Script injection / Cross-Site Scripting

-

i had page on simple informational site restaurant hacked week, , i'm looking advice.  hacker managed iframe tag on site's home page, , contents of iframe nasty enough turn few computers doorstops, @ least temporarily.

 

my hosting company, hms, taking position tag got index.html page through script vulnerabilty, not through hole in server security.  i'm trying figure out got in.

 

some facts:

 

  • site html only.  not dynamic.
  • there was mail.asp page on server, not used or linked page. (and oddly enough site on linix server, i'm guessing contribute user fooling around @ point)
  • the site using opentable.com, online reservation system use iframe.(i'm asking them assess whether or not scripting issue.
  • the infected page, index.html, had no calls exterior scripts in - no calls exterior files @ all, not css file.it contained html tags, few images, , internal dw javascripts mm_swapimage.
  • the site enabled contribute. (i'm trying unsuccessfully remove that, that's story)

 

if can me understand how site compromised appreciate it.

passing buck, website hosting provider isn't good.  decent host have external firewall protection, , insist servers @ minimum yearly intrusion scans.  html page shouldn't cause servers brick, if it's virtual or shared solution.



More discussions in Dreamweaver support forum


adobe

Comments

Post a Comment

Popular posts from this blog

Flip address is out of range arduino uno r3

-
hello  guy, trying flash firmware on arduino uno rev3 atmega 16u2 using atmel flip. whenever try , import .hex file program, throws error " address out of range ." have looked around online , haven't found solution. , info helpful. here hex file : https://github.com/nicohood/hoodloader2/blob/master/avr/bootloaders/hexfiles/hoodloader2_0_5_uno_atmega16u2.hex its using arduino uno hid Arduino Forum > Using Arduino > Installation & Troubleshooting > Flip address is out of range arduino uno r3 arduino
Read more

Arduino Uno not uploading

-
hi guys, so, have arduino uno r3 (not wired thing) when try upload sketch (even empty sketch) first takes long in "uploading..." comes error: arduino: 1.8.0 (windows 10), board: "arduino/genuino uno" sketch uses 444 bytes (1%) of program storage space. maximum 32256 bytes. global variables use 9 bytes (0%) of dynamic memory, leaving 2039 bytes local variables. maximum 2048 bytes. avrdude: stk500_recv(): programmer not responding avrdude: stk500_getsync() attempt 1 of 10: not in sync: resp=0x9f avrdude: stk500_recv(): programmer not responding avrdude: stk500_getsync() attempt 2 of 10: not in sync: resp=0x9f avrdude: stk500_recv(): programmer not responding avrdude: stk500_getsync() attempt 3 of 10: not in sync: resp=0x9f avrdude: stk500_recv(): programmer not responding avrdude: stk500_getsync() attempt 4 of 10: not in sync: resp=0x9f avrdude: stk500_recv(): programmer not responding avrdude: stk500_getsync() attempt 5 of 10: not in sync: resp=0x9f avrdude...
Read more

Indesign and MathType fonts

-
i having trouble getting indesign recognize mathtype fonts.  have been told move mathtype fonts on 2 indesign font folder.  copied mt-extra font file mathtype folder , pasted indesign font folder.  nothing changed.  indesign still gives me blank box after copy mt-extra font mathtype -->illustrator-->indesign.   guess need instructions on how transfer of fonts done correctly.  i'v looked @ install fonts manual indesign, not clear me on how it.  need utility fontexplorer this, or there other way.  what's weird working fine until had reinstall osx , reinstall cs3, font trouble started.  need toggle "activate-reactivate' adobe cs3 , don't know how close 20 max on this, worried that.  (i suspect because of note on forum might necessary).  thoughts appreciated. i'm using windows, advice may worth nothing...   1) shouldn't have deactivate id recognize fonts. 2) design science gives fonts away in type 1 , truetype flavors....
Read more