Website hacked with redirect script to malicious server

Posted on 2009-05-02
Last Modified: 2012-05-06

if you go there, you will see it attempts to redirect you to

thats where the hack host site tries to inject code into your computer or whatever it is - that its trying to do.....

anyone got any clue how to tell what file, what piece of code, is trying to do the redirect?? when you go to

wish i knew!

Open in new window

Question by:jason_jm

    Accepted Solution


    that code was added to all .js files

    LVL 3

    Expert Comment

    redirection can be set with the multiple ways
    1. check c:\inetpub\wwwroot under this folder open each and every file and check if you find any redirection there iis manager and just hilight default website and in the right pen try and brows iisstart.htm page
    3.under the properties of the default website go to the document tab and check whic document is on the top. and try to brows that file
    LVL 7

    Expert Comment

    If you search up : on google they say that that it a Virus. A Trojan to be more spessific.. like the Zief virus it injects it automaticlly when you as a user change the source code .. or it can just inject by laying on the server undetected and parsing the redirect code unseen.

    I will suggest you search after fixes to the virus : Troj/JSRedir-0

    and try to get rid of it.. after my rescorces it is the trojan : Troj/JSRedir-0 you have been infected by .
    its a Javascript that redirects you to that server.

    Author Comment

    yep, was tryna work out how the website was being redirected

    its from that java script code added to the end of all .js files

    now i gotta figure out how the hacker got access to the .js files

    probably through an infected PC from a webdesigner (stealing the FTP password in cleartext)
    LVL 7

    Expert Comment

    yeah, we had the same problemt with one of our webserver aswell. one of the devlopers had the virus and infected the site with the javascript

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
    In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now