Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New to the CF scene
    Join Date
    Mar 2013
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Html Injection on Random Sites

    I'm having some trouble viewing web pages correctly. I'm trying to figure out what is going on so that I am actually getting the correct information and sending it. I've turned off JavaScript in my browser FF and still have it popping up tried some userscripts but am a novice..so that was a wash. Just looking for a little advice on what may be going on and what a possible fix might be. The page's show up too big for my window and I have to resize which makes the font extremely small. I've tried a bunch of add ons and have been searching for a job for quite some time with little response. By sheer volume I should have had more interest than I've received. I've also had some issues with my email and all around just being F*cked about. I'd like to get a handle on whether it is a server side issue or something on my end that is fixable. If it's a server side issue should I be reporting it to these companies?

    Code:
    <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="stylesheet" type="text/css" href="/careersection/2012PRD.2.5.12.3.0/css/webcentric_jobboard.css" />
    <link rel="stylesheet" type="text/css" href="/careersection/2012PRD.2.5.12.3.0/css/ftl.css" />
    <link rel="stylesheet" type="text/css" href="/careersection/2012PRD.2.5.12.3.0/UIStyleSheet.dcss?styleSheet=Cessna&amp;timestamp=1362081932365" />
    <script type="text/javascript" src="/careersection/2012PRD.2.5.12.3.0/js/ftlallc.js">
    </script>
    <meta content="IE=EmulateIE7" http-equiv="X-UA-Compatible" />
    <meta content="Cessna, Citation, business jet" name="Keywords" />
    <meta content="The Citation Cessna XLS+ has numerous enhancements compared to the previously manufactured XLS. The 560 business jet offers some of the industrys most desired avionics. " name="Description" />
    <title>Cessna Aircraft Company</title>
    <link media="screen" rel="stylesheet" type="text/css" href="/careersection/theme/201/1336622747000/en/theme/css/header-styles.css" />
    </head>
    <body>
    <div id="wrapper">
    <div class="container">
    <div id="header">
    </div>
    <ul id="topnav">
    <li class="homelist">
    <a class="home" href="http://cessna.com/index.html" shape="rect">Home</a>
    </li>
    <li class="aircraftlist">
    <a class="aircraft" href="http://cessna.com" shape="rect">Aircraft</a>
    </li>
    <li class="servicelist"><a class="service" href="http://www.cessna.com/customer-service.html" shape="rect">Service</a>
    </li>
    <li class="traininglist">
    <a class="training" href="http://www.cessna.com/learn-to-fly.html" shape="rect">Training</a></li>
    <li id="newsroom">
    <a id="newsclickbutton" class="mainsublinks firstsublink" href="http://cessna.com/newsroom.html" shape="rect">Newsroom</a>
    </li>
    <li id="careers">
    <a id="careersclickbutton" class="mainsublinks" href="http://cessna.com/careers.html" shape="rect">Careers</a>
    </li>
    <li id="about">
    <a id="aboutclickbutton" class="mainsublinks" href="http://cessna.com/about-cessna.html" shape="rect">About Cessna</a>
    </li>
    <li id="contactus">

    This is the part that I have the main questions about.

    Code:
    <input type="hidden" name="ftlinterfaceid" id="ftlinterfaceid" value="" />
    <input type="hidden" name="ftlcompclass" id="ftlcompclass" value="" />
    <input type="hidden" name="ftlhistory" id="ftlhistory" value="1362104461880|3.0.8.5.18.20.21.3.19.32.15" />
    <input type="hidden" name="ftlPageHistory" id="ftlPageHistory" value="" />
    <input type="hidden" name="ftlstate" id="ftlstate" value="" />
    <input type="hidden" name="ftlwinscr" id="ftlwinscr" value="" />
    <input type="hidden" name="jsfCmdId" id="jsfCmdId" value="" />
    <input type="hidden" name="ftlerrors" id="ftlerrors" value="" />
    <input type="hidden" name="portal" id="portal" value="" />
    <input type="hidden" name="tz" id="tz" value="America/Chicago" />
    <input type="hidden" name="iniurl.src" id="iniurl.src" value="" />
    <input type="hidden" name="iniurl.media_id" id="iniurl.media_id" value="" />
    <input type="hidden" name="iniurl.sns_id" id="iniurl.sns_id" value="" />
    <input type="hidden" name="iniurl.use_up" id="iniurl.use_up" value="" />
    <input type="hidden" name="zipcodePanelErrorDrawer.state" id="zipcodePanelErrorDrawer.state" value="true" />
    <input type="hidden" name="radiusSiteListPagerId.nbDisplayPage" id="radiusSiteListPagerId.nbDisplayPage" value="5" />
    <input type="hidden" name="rlPager.pageLabelBeforeHidden" id="rlPager.pageLabelBeforeHidden" value=" " />
    <input type="hidden" name="actDisplayImportProfiler.mode" id="actDisplayImportProfiler.mode" value="" />
    <input type="hidden" name="radiusSiteListId.isEmpty" id="radiusSiteListId.isEmpty" value="true" />
    <input type="hidden" name="siteListId" id="siteListId" value="" />
    <input type="hidden" name="actOnReqReferralApplyReqList.mode" id="actOnReqReferralApplyReqList.mode" value="" />
    <input type="hidden" name="rssLocationIconTT" id="rssLocationIconTT" value="This criteria can be used for RSS feed creation: Location" />
    <input type="hidden" name="radiusSiteListPagerId.currentPage" id="radiusSiteListPagerId.currentPage" value="1" />
    <input type="hidden" name="radiusSiteListPagerId.listId" id="radiusSiteListPagerId.listId" value="" />
    <input type="hidden" name="listEmptyIsApplicantUser" id="listEmptyIsApplicantUser" value="false" />
    <input type="hidden" name="displayUrgentNeed" id="displayUrgentNeed" value="false" />
    <input type="hidden" name="computeSiteListAction.zipcode" id="computeSiteListAction.zipcode" value="" />
    <input type="hidden" name="jobCartIcon" id="jobCartIcon" value="cart_black.gif" />
    <input type="hidden" name="initialHistory" id="initialHistory" value="ftlx0!|!jobsearch_processSearchInitialHistory!%24!requisitionListInterface!|!listRequisition!|!rlPager!%24!false!|!false!|!false!|!124480!|!Customer Engagement Coordinator (Entry Level)!|!124480!|!Customer Engagement Coordinator (Entry Level)!|!124480!|!124480!|!124480!|!Full-time!|!Cessna Aircraft!|!Marketing!|!US-Kansas-Wichita!|!false!|!!|!!|!!|!!|!213747!|!Feb 28, 2013!|
    Last edited by Schnapper; 03-01-2013 at 02:39 PM. Reason: added code BB tags

  • #2
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    Location
    London, UK
    Posts
    1,856
    Thanks
    8
    Thanked 110 Times in 109 Posts
    You don't say what the actual issue is. Are you seeing the above HTML injected into a site you're working on? If so, either your computer, or the server that's hosting the site, or both, has been compromised by hackers.

  • #3
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    17,897
    Thanks
    202
    Thanked 2,530 Times in 2,508 Posts
    If you make your posted code virtually unreadable by not putting line breaks between each ><, then you ought not to expect others to disentangle it.

    Do please read the posting guidelines regarding silly thread titles. The thread title is supposed to help people who have a similar problem in future. Yours is useless for this purpose. You can (and should) edit it to make it more meaningful.

    Be aware that although you can technically use colons and periods in id/name attributes, I would strongly suggest avoiding both.

    In CSS (and several JavaScript libraries like jQuery), both the period and the colon have special meaning and you will run into problems if you're not careful. Periods are class selectors and colons are pseudo-selectors (eg., ":hover" for an element when the mouse is over it).

    Prefer to use either _ or camel case.

    Names/ids such as radiusSiteListPagerId.nbDisplayPage are far too long and complicated, and are likely to give rise to typo errors. Choose shorter but still meaningful names/ids.

    Contrast name="tz" id="tz" value="America/Chicago" />
    tz is not a meaningful abbreviation as far as I can see.


    This is the part that I have the main questions about.
    So what are your questions?
    Last edited by Philip M; 03-01-2013 at 06:43 PM.

    All the code given in this post has been tested and is intended to address the question asked.
    Unless stated otherwise it is not just a demonstration.

  • #4
    New to the CF scene
    Join Date
    Mar 2013
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Maybe this isn't the correct place to begin this discussion but I was looking for somebody to point me in a direction to fix this issue. If it's on my end. Otherwise I was going to report to the site administrator. As it were your site seems to be exhibiting the same symptoms. Which wasn't the case yesterday. Makes me think it's an issue over here but I'm in no position to diagnose this stuff.
    Last edited by Schnapper; 03-01-2013 at 07:31 PM.

  • #5
    Regular Coder
    Join Date
    Apr 2012
    Location
    St. Louis, MO
    Posts
    985
    Thanks
    7
    Thanked 101 Times in 101 Posts
    Most likely a virus or malware. Get malwarebytes installed and updated, then run a full system scan, and clean out everything that it says is a problem.
    ^_^

    If anyone knows of a website that can offer ColdFusion help that isn't controlled by neurotic, pedantic jerks* (stackoverflow.com), please PM me with a link.
    *
    The neurotic, pedantic jerks are not the owners; just the people who are in control of the "popularity contest".

  • #6
    New to the CF scene
    Join Date
    Mar 2013
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Can't seem to get this thing figured out and would like to try more than the malware bytes solution. It hasn't worked in the past. I do appreciate the tip. Could you point me in the direction of any other possible fixes?

  • #7
    Regular Coder
    Join Date
    Apr 2012
    Location
    St. Louis, MO
    Posts
    985
    Thanks
    7
    Thanked 101 Times in 101 Posts
    Of the virus/malware removal tools that I've used, MalwareBytes has removed everything I've ever come up against. Even things that SpywareBlaster, SpybotS&D, McAfee, Norton, or Symantec missed. IMHO, it's the best, out there.

    There may be one better, but I haven't used it, yet. If you've got something on your computer that is hijacking your browser, MB will remove it.

    If you used MB in the past and it didn't work, quite often renaming the installer to iexplore.exe before copying it to the infected HD will succeed, as the malware usually wants IE to run in order to fetch more malware.
    ^_^

    If anyone knows of a website that can offer ColdFusion help that isn't controlled by neurotic, pedantic jerks* (stackoverflow.com), please PM me with a link.
    *
    The neurotic, pedantic jerks are not the owners; just the people who are in control of the "popularity contest".

  • #8
    Senior Coder rnd me's Avatar
    Join Date
    Jun 2007
    Location
    Urbana
    Posts
    4,273
    Thanks
    10
    Thanked 581 Times in 562 Posts
    Quote Originally Posted by Schnapper View Post
    I've tried a bunch of add ons and have been searching for a job for quite some time with little response
    that sentance smells like a smoking gun to me. While a virus might be able to alter the code in a webpage by hijacking the network, it would be trivial for an extention/addon to do the same. Sometimes these get installed when we rapid-fire "Next,Next, Next" in a software install.

    It might not be malicious, often addons process the code on the page and alter it in some useful manner.

    here a test to determine if it's a virus or an addon:
    for chrome, you can view the page in 'incognito mode', whicjh should disable all addons.
    if it's still there in incognito mode, that's a virus, if it vanishes, scrub your addons...
    my site (updated 13/9/26)
    BROWSER STATS [% share] (2014/5/28) IE7:0.1, IE8:5.3, IE11:8.4, IE9:3.2, IE10:3.2, FF:18.2, CH:46, SF:7.9, NON-MOUSE:32%

  • Users who have thanked rnd me for this post:

    WolfShade (03-01-2013)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •