Results 1 to 4 of 4

Thread: Long code I don't recognize; possible malware?

  1. #1
    Join Date
    Jun 2014

    Smile Long code I don't recognize; possible malware?

    Hello everyone :-). I am new to Webdeveloper.com. So, forgive me for starting out with a question.

    I looked at the source code of a website to see if it used a CMS platform with which I was familiar. While I was doing so, I came across some strange code I've never seen before. I wanted to run it past others who are more experienced than me to see if it could possibly be malware. I wanted to notify them in case it was. Here is a shortened version of the code:

    <div class="aspNetHidden">
    <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
    <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
    <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTI3ODUyNTU4Nw8WAh4TVmFsaWRhdGVSZXF1ZXN0TW9kZQIBFgJmD2QWBAIBD2QWDAIDD2QWAmYPFgIeBFRleHQFNFdpb GxvdyBQYXJrIEluZGVwZW5kZW50IFNlbmlvciBMaXZpbmcgQ29tbXVuaXR5IHwgSU5kAgQPFgIeB2NvbnRlbnQFTUV2YW5zdmlsb GUgSW5kaWFuYSBJbmRlcGVuZGVudCBTZW5pb3IgTGl2aW5nLCBXaWxsb3cgUGFyaywgSG9saWRheSBSZXRpcmVtZW50ZAIFDxYCH wIFoQFXaWxsb3cgUGFyayBvZmZlcnMgYWxsLWluY2x1c2l2ZSBpbmRlcGVuZGVudCBzZW5pb3IgbGl2aW5nIGluIEV2YW5zdmlsb GUsIElOLiBWaWV3IHBob3RvcyBhbmQgZmxvb3IgcGxhbnMsIGRpc2NvdmVyIGFtZW5pdGllcywgZmluZCBkaXJlY3Rpb25zLCBvc iBnZXQgaW4gdG91Y2guIGQCBg8WAh4HVmlzaWJsZWhkAgcPFgQeBGhyZWYFHC9vdXItY29tbXVuaXRpZXMvd2lsbG93LXBhcmsfA 2hkAgoPFQIiLi4vSExEWVdFQjIvc2NyaXB0cy9saWIvcmVzcG9uZC5qcxsuLi9ITERZV0VCMi9zY3JpcHRzL2luaXQuanNkAgMPZ BYGZg8VAgxVQS0zNDI4ODY4LTEQaG9saWRheXRvdWNoLmNvbWQCARBkZBYQZg8VARRoYXMtY29tbXVuaXR5LXNlYXJjaGQCAQ9kF gJmD2QWAgIFDw9kFgIeCmRhdGEtanNnZXQFK2h0dHA6Ly93d3cuaG9saWRheXRvdWNoLmNvbS9vdXItY29tbXVuaXRpZXNkAgMPZ BYCAgEPZBYMAgEPDxYCHgtOYXZpZ2F0ZVVybAU7aHR0cDovL3d3dy5ob2

    The entire code can be viewed at holidaytouch.com/our-communities/willow-park. Since I viewed the site, I want to make sure I am not at risk as well.

    Thank you!

  2. #2
    Join Date
    Jun 2014
    Dubai, UAE
    Yes it look like a malware get it removed soon or your site fully become victim of this code.

  3. #3
    Join Date
    May 2014
    Sadly, that does NOT look like malware to me -- it looks like what happens when you use Visual Studio to make an ASP based webform; which is why generally speaking you shouldn't use Visual Studio to make ANYTHING for websites -- at least not without micro-managing everything it does and NEVER allowing it to make HTML. All the telltales of an ASP page built with a WYSIWYG are present, from the lack of graceful degradation, to the massive hash keys for nothing, to the entire page being wrapped in a single form.

    Just more proof that the people making the tools for building ASP based websites don't know enough HTML to be... well... making tools for building websites.
    Java is to JavaScript as Ham is to Hamburger.

  4. #4
    Join Date
    Oct 2013
    3rd planet from the sun
    You're correct deathshadow.

    IIS 8.5
    Web Server

    jQuery 1.10.2
    Javascript Framework

    Microsoft ASP.NET 4.0.30319
    Web Framework

    Windows Server
    Operating System

    Google Analytics

    HeadJS (50% sure)
    Javascript Framework

    Javascript Framework

    Javascript Framework

    Javascript Framework

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center

Recent Articles