| Re: Data injection problems [message #169582 is a reply to message #169577] |
Sat, 18 September 2010 12:01   |
Denis McMahon
Messages: 634
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 18/09/10 12:00, Beauregard T. Shagnasty wrote:
> Michael Fesser wrote:
>
>> Short addition: Opera and Firefox show clean code, Lynx gets the spam.
>
> Probably because Lynx (text-only browser) doesn't utilize the CSS and
> the positioning stuck in the hacker's addition.
>
> Remember that "line 130?"
>
> <div style='position:absolute;top:-95832;left:-948289;'>
>
> It places all those viagra links 95-thousand pixels above the top of,
> and nearly a million pixels to the left of, your graphical browsers'
> viewports.
>
> I'm not sure why the hacker/spammer doesn't want visitors to see them.
> Surely, nobody is going to click on them. Maybe the h/s is just wanting
> the googlebot to find them. <shrug>
Ah, that would explain why the source concerned isn't served to known
browsers.
I requested the page with:
wget - had the links
amaya - had the links
ff 3.6, seamonkey, chrome, opera, epiphany, konqueror - no links
ie under wine - I can't view source (need to look at that) so I don't
know if it was delivered or not.
op reported that it appeared in lynx
Perhaps the server config has been hacked to tack the code onto pages
for search agents?
I couldn't see anything like an include in the original php at the point
that the hack appears, it's after the closing "</html>" and the op's
code doesn't put anything there, so I suspect a higher level hack in the
server.
Hack the server to deliver the links, but in such a way that they don't
appear except to spiders?
So they bump up the ratings for the website whenever anyone does a
google etc search for the meds concerned?
So basically it's a hack by the fake pharmaceuticals people to bump
their websites higher up the search engines, and not actually intended
to be seen by people browsing the websites (because once it's been
noticed, it's likely to get looked at and removed).
Rgds
Denis McMahon
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]