SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Zealot
    Join Date
    Sep 2002
    Posts
    161
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Cool Virus Infected Old ASP Code: What would you do with this website?

    Hi Everyone

    I'm currently the Administrator for the website www.rockinghamwa.com but unfortunately all of the forms have recently been injected with malicious JavaScript code therefore posing a risk to visitors while totally screwing up most of the webpage content. The web host we currently use for this website does not allow me to edit the code AT ALL and are unwilling to help in any way.

    I need to know the best way to deal with this problem, so which option would you choose below:

    1) Attempt to transfer the ASP coded website and SQL Server Database to a new web host who lets me have access to the entire website via FTP to fix (eventually) the malicious JavaScript injection code.

    2) Redesign the website completely using more modern programming techniques (prob PHP & MYSQL since my ASP skills are poor) and use a web host that allows me to edit the webpages and database.

    3) Another option you can think of.

    Thanks in advance to anyone who helps me out.

    Cheers

    Richard

  2. #2
    SitePoint Member Boss_Numbat's Avatar
    Join Date
    Jul 2006
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Richard,

    Outside of taking the Web site out-the-back and whacking it with a 'whacking-stick' really hard before swiftly burying it under several tonnes of rubble. I would go with option number two:

    (2.) Redesign the website completely using more modern programming techniques (prob PHP & MYSQL since my ASP skills are poor) and use a web host that allows me to edit the webpages and database.
    Have you seen the Google Safe Browsing diagnostic page for www.rockinghamwa.com - it states:

    Warning: Visiting this site may harm your computer!
    The website at www.rockinghamwa.com appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that hosts malware can infect your computer.

    What is the current listing status for www.rockinghamwa.com/?
    Site is listed as suspicious - visiting this web site may harm your computer.

    Part of this site was listed for suspicious activity 9 time(s) over the past 90 days.

    What happened when Google visited this site?
    Of the 488 pages we tested on the site over the past 90 days, 96 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 09/09/2008, and the last time suspicious content was found on this site was on 09/09/2008.

    Malicious software includes 113 scripting exploit(s), 2 trojan(s), 1 exploit(s). Successful infection resulted in an average of 3 new processes on the target machine.

    Malicious software is hosted on 56 domain(s), including gbradw.com, keec.ru, canclvr.com.

    13 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including canclvr.com, coldwop.com, douhunqn.cn.

    Source: http://safebrowsing.clients.google.c...hrome&hl=en-US
    A complete revamp would be my option, if I was in your shoes.

    Regards,
    BN
    Last edited by Boss_Numbat; Sep 10, 2008 at 21:01. Reason: Added Google source URL
    In dentibus anticis frustrum magnum spiniciae habes

    W3C Sites - http://www.w3csites.com/

  3. #3
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,807
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    You have a host that wont allow you to edit the code?!!!!
    Short answer -
    (2.) Redesign the website completely using more modern programming techniques (prob PHP & MYSQL since my ASP skills are poor) and use a web host that allows me to edit the webpages and database.
    Get rid and move to ANY OTHER host!
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  4. #4
    SitePoint Zealot
    Join Date
    Sep 2002
    Posts
    161
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the responses guys, so even if I did move hosts the webpages would still be vulnerable to JavaScript injection because of the out dated ASP code used, correct?

    Cheers

    Richard

  5. #5
    SitePoint Enthusiast
    Join Date
    Dec 2004
    Location
    china
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    My website was infected months ago. I removed the malicious js code with the batch replace feature of UltraEdit.

  6. #6
    SitePoint Guru cyjetsu's Avatar
    Join Date
    May 2008
    Posts
    814
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why would your host not allow you to edit your own code on your server space? I can only presume it is because you lost your password or something?

  7. #7
    SitePoint Zealot
    Join Date
    Sep 2002
    Posts
    161
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cyjetsu View Post
    Why would your host not allow you to edit your own code on your server space? I can only presume it is because you lost your password or something?
    It was designed in 1998 and I think the CMS they use controls ALL of the sites they host so if I went tinkering with anything it would effect their other clients sites too. This is the only reason I can think of, or they simply don't trust me because the way the website was initially designed is crap.

  8. #8
    SitePoint Guru cyjetsu's Avatar
    Join Date
    May 2008
    Posts
    814
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sounds weird to me. Whats the point in having a webhost if you cant even change the website pages in your own server space?
    Im no expert in hosting or servers but it sounds to me like yours is useless.

  9. #9
    SitePoint Zealot
    Join Date
    Sep 2002
    Posts
    161
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cyjetsu View Post
    Sounds weird to me. Whats the point in having a webhost if you cant even change the website pages in your own server space?
    Im no expert in hosting or servers but it sounds to me like yours is useless.
    They are useless and can do it because the CMS they have designed for us 10 years ago requires a particular server setup to work but as you can see I'm working on getting a fix by changing web hosts.

  10. #10
    SitePoint Guru cyjetsu's Avatar
    Join Date
    May 2008
    Posts
    814
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So you mean there was some proprietary interface you needed to edit anything. Well if there was, the host should provide it I think so if they can't that's stupid. Good luck with finding a new host. Let us know which one you choose.

  11. #11
    SitePoint Zealot
    Join Date
    Sep 2002
    Posts
    161
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I ended up asking the host for a quote to fix the website code to prevent injections which came back as $300 for the fix. Instead of paying it we decided the website was too old and too hard to reconfigure to become successful again so it was in everyones best interests to take it down.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •