• Resolved Anagram

    (@ahutatatong)


    If I enable wp-cerber I see some strange HTML code at the end of the page:

    <script type="text/javascript">
    jQuery(document).ready(function ($) {
        //$( document ).ajaxStart(function() {
        //});

        for (var i = 0; i < document.forms.length; ++i) {
            var form = document.forms[i];
            if ($(form).attr("method") != "get") { $(form).append('<input type="hidden" name="rOHabc" value="c@0Y5l" />'); }
            if ($(form).attr("method") != "get") { $(form).append('<input type="hidden" name="emDQHdOSs" value="6E51ya7pi" />'); }
            if ($(form).attr("method") != "get") { $(form).append('<input type="hidden" name="vpONEuF" value="nlQ6Pb@" />'); }
        }

        $(document).on('submit', 'form', function () {
            if ($(this).attr("method") != "get") { $(this).append('<input type="hidden" name="rOHabc" value="c@0Y5l" />'); }
            if ($(this).attr("method") != "get") { $(this).append('<input type="hidden" name="emDQHdOSs" value="6E51ya7pi" />'); }
            if ($(this).attr("method") != "get") { $(this).append('<input type="hidden" name="vpONEuF" value="nlQ6Pb@" />'); }
            return true;
        });

        jQuery.ajaxSetup({
            beforeSend: function (e, data) {

                //console.log(Object.getOwnPropertyNames(data).sort());
                //console.log(data.type);

                if (data.type !== 'POST') return;

                if (typeof data.data === 'object' && data.data !== null) {
                    data.data.append("rOHabc", "c@0Y5l");
                    data.data.append("emDQHdOSs", "6E51ya7pi");
                    data.data.append("vpONEuF", "nlQ6Pb@");
                }
                else {
                    data.data = data.data + '&rOHabc=c@0Y5l&emDQHdOSs=6E51ya7pi&vpONEuF=nlQ6Pb@';
                }
            }
        });

    });
    </script>

    Is this intended? Especially the lines that are uncommented as well as the console.log look strange to me (debug logs not removed?).

    I could imagine that this helps solving possible multiple logins by attaching some more form variables, still it looks somehow unfinished (and for now suspicious) to me.

  • Plugin Author gioni

    (@gioni)

    This code is absolutely OK.

    Thread Starter Anagram

    (@ahutatatong)

    Ok, thanks for the quick answer.
    It looked more suspicious to me before I found out to which plugin it belonged. Still I would remove the console.log and the other uncommented code parts. Obviously this is not required, but my thought was that none of the few plugins I had installed would output this kind of code.

    Btw. the plugin itself is perfectly fine. Well done!

    • This reply was modified 7 years, 7 months ago by Anagram.
    Plugin Author gioni

    (@gioni)

    It’s better to install this version, though. An issue with saving settings has been fixed: https://wpcerber.com/development-version-7-8-3/

    Have you tried solving your problem using anagram? If not then you can solve it there as well because I have heard you using anagram in your post and I guess the link I am going to share is worth trying. So here I go!
    https://www.anagrammaker.online/

    I’ve got a couple of questions regarding this code and thought it’s better to post them in this existing thread.

    1. Which Cerber feature requires that code?

    We’re using Cerber on all our customer sites, but prefer to deregister jquery-core for a variety of reasons. For once, the version bundled with WordPress contains at least two vulnerabilities of medium severity. And then, of course, there’s little to no use for jQuery in 2019. If the jQuery code added by Cerber is required by a specific feature, we’d rather disable it.

    2. Are there plans to migrate this code to vanilla JavaScript?

    While it’s trivial to upgrade the bundled version of jQuery, it should be in the interest of a security product to limit all possible attack vectors. Hence, reducing third-party dependencies such as jQuery should be desirable. Is the Cerber team open to PRs to achieve this?
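
The behaviour of the snippet quoted at the top of this thread, written against plain DOM APIs as an added example; it is not WP Cerber's code and does not come from any participant in the thread. The helper names (`isGet`, `tagForm`, `withFields`) are hypothetical, and because the browser has no global counterpart to `jQuery.ajaxSetup`, the caller is assumed to pass each POST body through `withFields` before sending it.

```javascript
// Added example, not WP Cerber's code. Field pairs copied from the post above.
const FIELDS = [['rOHabc', 'c@0Y5l'], ['emDQHdOSs', '6E51ya7pi'], ['vpONEuF', 'nlQ6Pb@']];

// A form with no method attribute submits as GET, so it is treated as GET here
// (assumption: the quoted `!= "get"` test tags such forms; this port does not).
function isGet(method) {
  return String(method || 'get').toLowerCase() === 'get';
}

// Append the hidden inputs to one form; returns how many were added.
// Inputs that already exist are skipped, so calling it twice is harmless.
function tagForm(form, fields = FIELDS) {
  if (isGet(form.getAttribute('method'))) return 0;
  let added = 0;
  for (const [name, value] of fields) {
    if (form.querySelector(`input[type="hidden"][name="${name}"]`)) continue;
    const input = form.ownerDocument.createElement('input');
    Object.assign(input, { type: 'hidden', name, value });
    form.appendChild(input);
    added += 1;
  }
  return added;
}

// Return a POST body with the pairs added. Handles FormData/URLSearchParams,
// urlencoded strings and an empty body; anything else passes through unchanged.
function withFields(method, body, fields = FIELDS) {
  if (String(method || '').toUpperCase() !== 'POST') return body;
  if (body && typeof body.set === 'function') {
    for (const [name, value] of fields) body.set(name, value); // set() replaces, no duplicates
    return body;
  }
  const extra = fields
    .map(([n, v]) => `${encodeURIComponent(n)}=${encodeURIComponent(v)}`)
    .join('&');
  if (body == null || body === '') return extra;
  return typeof body === 'string' ? `${body}&${extra}` : body;
}

// Browser wiring; skipped when there is no DOM (e.g. under Node).
if (typeof document !== 'undefined') {
  document.addEventListener('DOMContentLoaded', () => {
    for (const form of document.forms) tagForm(form);
  });
  // Forms added after load are tagged when they are submitted.
  document.addEventListener('submit', (e) => tagForm(e.target));
}
```
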


The topic ‘Strange js in html code’ is closed to new replies.