Javascript viruses
The team in which I work serves a lot of sites, both on their hosting and on third-party ones. From time to time there are attacks on the server and in php-files in the end appends JavaScript code that downloads the Trojan to the visitor’s computer.
Of course, you will not follow everything at once in one moment. After infection, each file (usually only each index.php, and sometimes all other PCPs) must be viewed and, if a virus is detected, the bootloader code is deleted. At this time, the sites come, antivirus visitors squeal ...
I recently came up with a way (maybe everyone does that, but still)
At the end of the file add an empty start php code ()
')
In this case, when adding, there will be an error about an unexpected sign <(the opening <script ... tag)
But you can then add another opening comment.
<? php
/ *
In theory, this thing at least a little bit should delay the loader.
Is there any sense in this? And what are your actions when a bunch of sites got such loaders.
Of course, you will not follow everything at once in one moment. After infection, each file (usually only each index.php, and sometimes all other PCPs) must be viewed and, if a virus is detected, the bootloader code is deleted. At this time, the sites come, antivirus visitors squeal ...
I recently came up with a way (maybe everyone does that, but still)
At the end of the file add an empty start php code ()
')
In this case, when adding, there will be an error about an unexpected sign <(the opening <script ... tag)
But you can then add another opening comment.
<? php
/ *
In theory, this thing at least a little bit should delay the loader.
Is there any sense in this? And what are your actions when a bunch of sites got such loaders.
Source: https://habr.com/ru/post/28257/
All Articles