WordPress.org

Ready to get started?Download WordPress

Forums

Possible script injection within an img tag (3 posts)

  1. radicalradical
    Member
    Posted 4 years ago #

    Hello all,

    I was looking through some of the pages on a wordpress site I admin and I found this in a page (pasted below).

    It only showed up in the html view of the page. I noticed that the src attribute had "base64". I've seen this in a php injected script before.

    Is this malicious? Has my site been hacked? Any info would be greatly appreciated.

    <img id="fvdkoff-target-image" style="border: medium none; margin: 0px; position: absolute; visibility: visible; color: transparent; z-index: 2147483647; left: 475px; top: -10px;" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABYAAAAUCAYAAACJfM0wAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAK8AAACvABQqw0mAAAAB90RVh0U29mdHdhcmUATWFjcm9tZWRpYSBGaXJld29ya3MgOLVo0ngAAAAWdEVYdENyZWF0aW9uIFRpbWUAMDQvMDQvMDhrK9wWAAACLklEQVQ4jbXUP0wTcRQH8O/9ekdjkT8CUqpee00bRyNNmSRSV0PcJJoQg2i6ODTExEUHg04OaNSppqtCjQ4ukDSKSuLUwcm4NNZcQYsIGtD+u/f7MZSWXltqo/Ul7/JL7u7z3r3fLye53e5xj8ejoYWRSCSSstfr1YLBYHcr4XA4rMmMMciy3EoXjDHIjDEoivL/4fefrP1P3nYEvqzLajOIo8fQz5/cfH3cnVttCM8udQaODBxQFx44Ye9h4HxvdGWtgMlbSXV2SQoMHf0RNcGSJJlmvPLdos7fdyIWL+D5myx+ZwwUDAIRh2EU1wYRFItA6FwvIjdcGJr4qFYakiSBlTavlABwsJth7mUWmSyBOAfnAkQE4gKccxBx/MoYmHmcxuH+NgAwGQ03j3NeRjjnoGqcC/zcIgghAMBkNISJuKlbEy4EaKdoKerC5nNMxQdlgVx+t0siKhYQovwV1rbdtyoNxlhxxoqilBMA0uuES6Pt6NqP2hHsoDarhJuXD2F5NV/uuJR1T4XLzvTJ25/VyHUnzgzba0YkKq6pdB4T00m47EyvPhU1M54asy3ee5o55bvwQQWAr/PHMBfbQGhGrykCANqARZ8asy3+ccYjg/K3kcF9UQAYvrJ29dmrDUxHlnOxu72P+rpYrq5eFU39K649TCF0tnPB0WdtCt2z48rQHIp+8XTHu9ET7alm0aY6fnFHjda98a/w3wZjDJLP5xv3+/1aK+F4PJ7cBm32CUNiyI2GAAAAAElFTkSuQmCC" alt="" />

  2. UseShots
    Member
    Posted 4 years ago #

    It looks legitimate. It's just an inline image, base64-encoded to be compatible with HTML. A small icon.

  3. radicalradical
    Member
    Posted 4 years ago #

    Thanks for clearing that up. Only problem is, I don't know how it got there

Topic Closed

This topic has been closed to new replies.

About this Topic