I took the time to save out all of the code from the JS file that was inserted.
Anyone that would like this code, please contact me off list and I'll be happy to zip it up for you. -----Original Message----- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Monday, July 21, 2008 2:25 PM To: CF-Talk Subject: Re: (ot) URL Hack Attempt Leaves Me Scractching My Head... >>For what it's worth, the specific URL that was injected in the sample I saw (http://1.verynx.cn/w.js) doesn't seem to work anymore. The server name doesn't resolve. =============== Yeah, that suck, I was going to dissect it. It is broken now, but this morning I was able to see the code. Apparently all it was doing was to document.write some code containing an iFrame with an address to another Chinese site: http://ll80.com/. I've opened the site, but it is all Chinese for me ;-) -- _______________________________________ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309375 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
