Thursday, October 15, 2009

Modifications To The iFrame Scanner Tool File

If you have read the article, "Measures to Prevent and Detect iFrame Injection Attacks", then these little additons to the "detect-signature.php" iframe scanner file, will help give some order to your scanning, especially if you are doing hourly scanning on a 24 hour basis.

The following javascripts were available for free on the internet and I used them for my file, which helped to keep things in perspective.

All these javascripts are to be put between the body tags of the file, [body] and [/body].

Note: Due to Blog restrictions, the normal HTML brackets < > were replaced with [ ].

The following javascript will print the date on the file display web page. Put it right after the [body] tag.

The following javascript will print the time on the file display web page. Put it right after the previous date javascript.
You can also add a "close" button to close the web page after you view it.

If you press the close button, and are using IE 7.0, it will give you a pop up window that says:

"The webpage you are viewing is trying to close the window"

This happens becuause you opened the window via a hyperlink from a parent window. It is a browser security measure. Basically, if you did not open the window using javascript, you can't close it using javascript.

All you need to do to counteract this is put a javascript code in before the close button script.

Put these codes near the end of the file, just before the [/body] tag.

In case you suffered from an iframe injection attack, you will be able to know, very closely, the date and time of the attack. This is very critical to know if you are to avoid your website being classified as a potential risk site. The sooner you react to the attack, the less the chance of being classified as a malware or badware site by Google.

No comments:

Post a Comment