Archive for July, 2009

a0v.org/x.js

Posted in sql injection on July 23, 2009 by s3cu

another round of sql-injection attacks.

x.js calls iframe src http://www.jejsaj.com/ya/index.html

jejsaj contains various exploits targeting among others

  • owc 0-day
  • realplayer
  • msvidctl.dll

the exploits download trojans from http://www.wowand.com

f1y.in/j.js

Posted in sql injection on July 11, 2009 by s3cu

another round of sql-injection attempt

Update: beware of this malicious script as it is making use of OWC 0-day.
Ref – http://isc.sans.org/diary.html?storyid=6811