Archive for March, 2009

cn0093.cn/v.js

Posted in sql injection on March 9, 2009 by s3cu

following previous post, a new injected script has emerged that resolves to same IP.

v.js retrieves another iframe src http://www.vieio.cn/i.htm.

This exploitation kit tries to avoid detection by splitting each respective exploit into 2 files. One .htm and .js

Advertisements

tsnse.cn/i.js

Posted in sql injection on March 5, 2009 by s3cu

This sql-injected script calls iframe http://www.gomne.cn/yh.htm

Continue reading