[nsp-sec] new list of probably compromised web sites
Smith, Donald
Donald.Smith at qwest.com
Thu Mar 20 13:47:05 EDT 2008
I found some obfuscated java that I believe was injected into the site identified within our space.
I don't really have the ability nor tools to de-obfuscate it.
If someone wants it I can send it to you.
It was at the top of a file named stmenu.js.
Right below it was the rest of the menu. DHTMLMenu from sourcetec.
RM=for(1)
{manage_risk(identify_risk(product[i++]) && (identify_threat[product[i++]))}
Donald.Smith at qwest.com giac
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Florian Weimer
> Sent: Thursday, March 20, 2008 11:31 AM
> To: nsp-security at puck.nether.net
> Subject: Re: [nsp-sec] new list of probably compromised web sites
>
> ----------- nsp-security Confidential --------
>
> * Tom Fischer:
>
> > 3941 hxxp://www.forum-aufschalke
>
> The ISP has acked this after a phone call. (It's the official forum
> page of a major German soccer club, with quite a few users, that's why
> I called them.)
>
> --
> Florian Weimer <fweimer at bfk.de>
> BFK edv-consulting GmbH http://www.bfk.de/
> Kriegsstraße 100 tel: +49-721-96201-1
> D-76133 Karlsruhe fax: +49-721-96201-99
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
>
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
More information about the nsp-security
mailing list