GallenWolf Posted January 13, 2015 Share Posted January 13, 2015 Heya! I got this on my home machine last night, and again here at work when trying to access odforce; clicking on a google search link redirects me to url4short.info, the 2nd click brings up odforce properly.. Quote Link to comment Share on other sites More sharing options...
Marc Posted January 14, 2015 Share Posted January 14, 2015 <sob> Quote Link to comment Share on other sites More sharing options...
Marc Posted January 14, 2015 Share Posted January 14, 2015 This saddens me greatly, I'll look into it. Quote Link to comment Share on other sites More sharing options...
edward Posted January 14, 2015 Share Posted January 14, 2015 Is it possible to re-style the forum from a clean room version of the forum's source code again? Quote Link to comment Share on other sites More sharing options...
Marc Posted January 14, 2015 Share Posted January 14, 2015 Probably not. It's normally an obfuscated piece of code hidden in one of the forums files somewhere. It's really weird, every time I track it down I lock down permissions on that file so it never gets changed. But then it just pops up in another file somewhere... sigh. There is a new version of the forum coming soon, so its possible this particular vulnerability has been patched. Outside of that, I just have to patch them as they come up. Quote Link to comment Share on other sites More sharing options...
cristobalvila Posted January 17, 2015 Share Posted January 17, 2015 I have suffered this issue on past 3-4 days. Trying to arrive here from a link (both directly from a Google search, and also through a bit.ly on a tweet) and, sometimes, my first try derived me to that url4short.info damm site… The second click brings me here… After further investigation in Google I have installed JavaScript Blocker on my Mac-Safari, and it seems that it could be addressed… Quote Link to comment Share on other sites More sharing options...
Marc Posted January 19, 2015 Share Posted January 19, 2015 Yeah it's a piece of obfuscated code that runs a javascript to check where you came from. If it's from one of the search engines it redirects you to the spam site and sets a cookie that expires in 24 hours. So this should happen once/day. Apologies for taking so long to get to this. Due to the wonderful security measures at studios these days, I can only get onto the server from home.... which means I never have time to get on. I'll try get on tonight. M 1 Quote Link to comment Share on other sites More sharing options...
Marc Posted January 20, 2015 Share Posted January 20, 2015 You know, I dug through the archives... this has been plaguing us since 2009! That's just nuts. M Quote Link to comment Share on other sites More sharing options...
Marc Posted January 20, 2015 Share Posted January 20, 2015 hmm... I just tried this from my home machine and I can't get it to redirect from google. Is it still happening for you? Quote Link to comment Share on other sites More sharing options...
goldleaf Posted January 21, 2015 Share Posted January 21, 2015 I'm seeing it still happen as well Quote Link to comment Share on other sites More sharing options...
edward Posted January 21, 2015 Share Posted January 21, 2015 Marc, from previous discussions on this, you cannot be logged in to reproduce. Quote Link to comment Share on other sites More sharing options...
cristobalvila Posted January 21, 2015 Share Posted January 21, 2015 This is my experience on this:Last week I needed to make some operations with administrative tax authorities here in Spain (a PITA) and that site forces to users to disable and enable lots of things in our browsers (related with Javascript, mainly). And the days just after that operations I suffered this url4short.info redirections coming here (and also to some other site) from links in another places, like Google or Twitter… But this was very erratic: just from time to time, not always… Once I installed JavaScript Blocker in my browser (Safari) I never more suffered that issue. Quote Link to comment Share on other sites More sharing options...
Marc Posted January 21, 2015 Share Posted January 21, 2015 ok thanks guys. I remember now Ed, thanks for the reminder. Quote Link to comment Share on other sites More sharing options...
Marc Posted January 25, 2015 Share Posted January 25, 2015 ok I found it. I'll lock down the files and see if I can trace the origin. Having gone through this before though, I suspect I won't have much luck. M Quote Link to comment Share on other sites More sharing options...
magneto Posted January 28, 2015 Share Posted January 28, 2015 It's even worse now, it directs to adultfriendfinder. I don't have issues with the content just wanted to mention it Quote Link to comment Share on other sites More sharing options...
Guest tar Posted January 28, 2015 Share Posted January 28, 2015 It's even worse now, it directs to adultfriendfinder. I don't have issues with the content just wanted to mention it Electronics and travel ads here - It appears to go to sites similar to what you've been visiting; normal advertising cookie. Quote Link to comment Share on other sites More sharing options...
Marc Posted January 30, 2015 Share Posted January 30, 2015 Patched again and permissions completely removed on offending files. Will it work? I have no idea, please let me know if it comes back. Thanks M 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.