[INFO] Metamorfose Virus Iframe

Discussion in 'Masalah Teknik dan Keamanan' started by PusatHosting, 9 Jan 2010.

Thread Status:
Not open for further replies.
  1. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,334
    Likes Received:
    326
    Trophy Points:
    83
    just info, Mulai ramai lagi nih virus-virus injeksi iframe, sampai2 DC negur.

    virus ini skarang bisa menginjeksi puluhan script .JS

    Varian 1
    VArian 2
    eksekusi perintah

    regex nya disesuaikan aja dengan karakteristik virusnya.
     
  2. vishualhost

    vishualhost Expert 2.0

    Messages:
    813
    Likes Received:
    80
    Trophy Points:
    28
    - setAttribute('src', 'h))t#^t$#))!p&&#:^!&/^^/)^(@m&()y&#b(r@&&!!o)^w(&(s)^)$e(@&#r&))b^a#r!&$-#@c&#o#m#@&.)

    => mybrowserbar.com


    - 'h#t#&@t^&p(@)&)/^!$/)l)e&b)!o)$n^@c!!(o)i#n$$-#f@$r@

    => eboncoin.com


    - @i&#c(h(^i(^.$)$j(p

    => ichi.jp


    - w(e$b#!.(r^)u^ $!:@$^8$0^$8)!0)

    => web.ru:8080

    virus ini semacam popup onload ya bro.

    bisa juga diset di config mod_sec rules buat blocking onload ke sites tersebut


    biar lebih mudah bro , dibuat perl / bash file saja dengan memasukan beberapa perintah penghapusan dengan query2 target pattern virus nya yg di combine dengan cron auto daily jadi biar automatic searching dan removal .
     
    Last edited: 10 Jan 2010
  3. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,334
    Likes Received:
    326
    Trophy Points:
    83
    kalau boleh, kasih sample rule mod_sec nya donk bos. di cron oke mantab.
     
  4. am3n

    am3n Apprentice 1.0

    Messages:
    384
    Likes Received:
    2
    Trophy Points:
    18
    mas hady, pada saat saya buat thread ini, avast lsg komplain dan mengenali virus web ini
     
  5. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,334
    Likes Received:
    326
    Trophy Points:
    83
    aneh, Kis saya kok engga ya?
     
  6. hostnic.id

    hostnic.id Hosting Guru Web Hosting (Company)

    Messages:
    1,099
    Likes Received:
    30
    Trophy Points:
    48
    di server gw juga ada beberapa domain yang kena virus ini
     
  7. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,334
    Likes Received:
    326
    Trophy Points:
    83
    selamat berburu om
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...