GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Have you ever had a problem with this TROJAN? (https://gfy.com/showthread.php?t=713160)

Marshal 03-09-2007 12:26 PM
Have you ever had a problem with this TROJAN?
 
Couple of weeks ago I had a problem opening some sites. It's redirecting to some IP webserver, with some spam advertising.

rowan mentioned this in one of my threads (post #31): http://www.gfy.com/fucking-around-and-business-discussion/706716-seo-thread-10k-inbound-links.html
the post is here: http://www.gfy.com/11937476-post31.html

here is the quote:
Quote:
Originally Posted by rowan (Post 11937476)
Here's what happened when I loaded your site... 2 redirects. The first came from your server (www.0-dix.com/38.96.6.100)


1171726936.408 1458 203.x.x.x TCP_MISS/302 777 GET http://www.0-dix.com/ - DIRECT/38.96.6.100 text/html

1171726937.038 630 203.x.x.x TCP_MISS/302 278 GET http://85.255.115.220/ind.htm?src=19...rt=80&suri=%2F - DIRECT/85.255.115.220 text/html

1171726937.471 432 203.x.x.x TCP_MISS/200 664 GET http://85.255.115.220/site.htm?lng=1&trg=cln&oip=0 - DIRECT/85.255.115.220 text/html


You'll note that someone else independently reported the redirect and showed the second URL, which I hadn't mentioned.

Just a warning for anyone linking to his site, you can make your own conclusions. If he's innocent, then he needs to get his shit fixed.
did you ever had the same problem?

the solution and the explanation is right here:
http://gabrielharrison.co.uk/consult...search_hijack/

nice way to steal traffic... :(

Marshal 03-09-2007 01:55 PM
anyone???

RawAlex 03-09-2007 02:07 PM
yes. I haven't had it, but I have seen it. It involves a nice hack I think through an old version of wordpress or similar.

RawAlex 03-09-2007 02:14 PM
Oh, it isn't DNS related... don't get tricked like that. It is on the server, likely right in the apache kernel.

Marshal 03-09-2007 02:51 PM
should i recompile the kernel?

RawAlex 03-09-2007 04:33 PM
If 0-dix.com if your site, yeah, you would want to look very closely at your kernel to see what is going on. You may want to make a new one and compare it to the old one, looking for differences. You will likely see something nutty in the 302 handling.


All times are GMT -7. The time now is 07:59 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123