Warning: TradePulse script has a vulnerability - GoFuckYourself.com

DarkJedi · 09-10-2011, 10:39 AM

Apparently Trade Pulse script has some hole and a lot of people have been victims of infection.

Someone injects a code into websites that use TradePulse, which redirects US people to some shady affiliate programs.

Discussion here: http://forum.scriptpulse.com/index.p...ic,1260.0.html

Screenshot of the injected code: http://clip2net.com/s/1am55

One of the programs that accepts this stolen traffic: http://www.ptp123.com/

Script developers still can't find a way to fix it.

blackmonsters · 09-10-2011, 10:50 AM

Quote:

Originally Posted by Dark_Jedi

Apparently Trade Pulse script has some hole and a lot of people have been victims of infection.

Someone injects a code into websites that use TradePulse, which redirects US people to some shady affiliate programs.

Discussion here: http://forum.scriptpulse.com/index.p...ic,1260.0.html

Screenshot of the injected code: http://clip2net.com/s/1am55

One of the programs that accepts this stolen traffic: http://www.ptp123.com/

Script developers still can't find a way to fix it.

If the developers can't fix the script then it might not be the script.
Servers can be insecure also.
The script would be the obvious thing to attack once the server is already hacked.

DarkJedi · 09-10-2011, 10:56 AM

Quote:

Originally Posted by blackmonsters

If the developers can't fix the script then it might not be the script.
Servers can be insecure also.
The script would be the obvious thing to attack once the server is already hacked.

Idiot.

/facepalm

Dubya · 09-10-2011, 11:09 AM

Switch your sites to TE DJ.

blackmonsters · 09-10-2011, 11:41 AM

Quote:

Originally Posted by Dark_Jedi

Idiot.

/facepalm

Yeah right.

I thought a script was being hacked but changed hosting because it was found that
the server was being hacked through SSH. They had an old version installed.

And try reading the word "might" in my post.

Foolish idiot.

Matyko · 09-15-2011, 12:29 PM

any news about this one? where is the author? where are the webmasters affected by this?
I just got my first 8-10 TP installs to test if its ok for us or not... --> Wipe?

Adraco · 09-15-2011, 05:28 PM

Quote:

Originally Posted by Matyko

any news about this one? where is the author? where are the webmasters affected by this?
I just got my first 8-10 TP installs to test if its ok for us or not... --> Wipe?

I would definitely wipe everything, just to be safe, as long as it's any sites you care for and want to treat good.

09-10-2011, 10:39 AM	#1
DarkJedi No Refunds Issued. Industry Role: Join Date: Feb 2001 Location: GFY Posts: 28,300	Warning: TradePulse script has a vulnerability Apparently Trade Pulse script has some hole and a lot of people have been victims of infection. Someone injects a code into websites that use TradePulse, which redirects US people to some shady affiliate programs. Discussion here: http://forum.scriptpulse.com/index.p...ic,1260.0.html Screenshot of the injected code: http://clip2net.com/s/1am55 One of the programs that accepts this stolen traffic: http://www.ptp123.com/ Script developers still can't find a way to fix it. Last edited by DarkJedi; 09-10-2011 at 10:40 AM..

09-15-2011, 12:29 PM	#6
Matyko PsyHead Industry Role: Join Date: Aug 2005 Location: Hungary Posts: 8,664	any news about this one? where is the author? where are the webmasters affected by this? I just got my first 8-10 TP installs to test if its ok for us or not... --> Wipe? __________________ -=- Register with our ref link and we help you with the setup! -=- AdSpyglass.com - Double your profit from brokers

09-10-2011, 11:09 AM	#4
Dubya So Fucking Banned Join Date: Feb 2008 Posts: 1,152	Switch your sites to TE DJ.