Always know where your towel is.

Month: December 2011 JS injection using WSO 2.2

A client recently gave me a call saying his website was throwing a malware warning when visited using Google Chrome. A bit of research indicated that somehow the attacker gained access to the site, installed a Web Shell script in *.js.php files and injected JS code into existing JS files. Google’s Webmaster Tools showed the injected code in the JS…