HackDig : Dig high-quality web security articles for hackers

Website Malware – Curious .htaccess Conditional Redirect Case

I really enjoy when I see different types of conditional redirects on compromised sites. They are really hard to detect and always lead to interesting investigations. Take a look at this last one we identified: The curious aspect about it is the usage of a not so common .htaccess feature: variables. Most conditional injections rely only on the user agent (
Publish At:2014-09-23 18:40 | Read:4289 | Comments:0 | Tags:Website Malware htaccess malware cleanup redirects

Rotating Iframe URLs – One a Minute

Earlier this week, Sucuri wrote about auto generated iframes in hacked WordPress blogs. The malicious PHP code fetched the iframe URLs from a remote server (hxxp://82 .200 .204 .151/config.inc.php) on-the-fly every time someone loaded infected web pages. This trick helped regularly update the malicious URLs without having to change the code on each hacked si
Publish At:2014-08-15 20:40 | Read:18809 | Comments:0 | Tags:Website exploits htaccess iframe Joomla nginx redirects Unit


Tag Cloud