Search (advanced search) | ||||
Use this Search form before posting, asking or make a new thread.
|
09-26-2014, 04:11 AM
Post: #21
|
|||
|
|||
RE:
Pro-theme just wants to post the file. I dont think they care aboutrep. I myself have reauested they. give more attention to there posts, like using another file server but just got negitive response.
|
|||
09-26-2014, 04:11 AM
(This post was last modified: 09-26-2014 04:12 AM by Gabby.)
Post: #22
|
|||
|
|||
RE: List of Plugins Infected: BE AWARE!
(09-25-2014 10:55 AM)BRZ Wrote: If you found something infected or suspect, promptly report it as malicious with the following message and hitting the report button:I appreciate what you are doing and agree with you, with one very important exception! Advising members to hit the REPORT button will only send the complaint into a CYBER BLACKHOLE. If you want to get the MODS attention, send a PM directly to them! The REPORT area is so overloaded with so many posts to ti that it is not even looked at. This is not my opinion, but rather told to me via PM by one of the MODS (NonConformer) and he further states that if you want to let them know about a problem, the REPORT button is the last place you want to visit. The MODS to contact via PM are as follows: NonConformer DirectDownload Lala. This is absolutely your best option to draw attention and quicker action to your issue... |
|||
09-26-2014, 04:39 AM
Post: #23
|
|||
|
|||
RE:
I think this should teach us all a lesson...
A lot of newbies get into nulled/DOWNLOAD forums trying to get some scripts for free, without even the minimum knowledge required to scan those scripts. Nulled scripts aren't just a "go build a money making website for free in a few minutes", it's more of a "learn how they are done, test drive them, see if they meet your needs, but if you're planning on doing some serious development or creating a good website, go ahead and BUY them". I've seen users here that don't even know the difference between an encoded script and an obfuscated script! Nulled scripts aren't for everyone's use. I've shared some scripts and you can bet they're 100% clean, since I make my living from my day to day work, so I don't need to get some affiliate cents by placing malicious codes. I also have root access to over 400 servers, so there's no use for me to hack a simple webhosting account. However, when I download a script, I first run some checks looking for fsockopen, curl, fopen, fread, etc. calls just to make sure that it has no callbacks either to the script's author or to another website (for an instance, the nulled WHMCS released by sogomoo/mtimer has a callback to his server, if his server is taken offline, those WHMCS installs will stop working). Then I search for eval, gzip, base64 calls to ensure that there's no "hidden" code within the readable code. If everything goes OK, then I proceed to see if I use that script to test drive it or if I go ahead and start creating a product of my own based on that script. However if you're just a "leech and install" user, then it's only fair to say that you deserve to have your website hijacked/hacked. Just my 2c. |
|||
09-26-2014, 05:01 AM
Post: #24
|
|||
|
|||
RE:
(09-25-2014 12:02 PM)omg Wrote: this is the same as this thread hereForum users need to be reminded of infected shares by nefarious "members". |
|||
09-26-2014, 11:46 PM
(This post was last modified: 09-26-2014 11:53 PM by PUTin-SUp.)
Post: #25
|
|||
|
|||
RE:
(09-25-2014 11:54 AM)BRZ Wrote: Lets report and get these low life guys banned from here... IT CAN also be thumb.png and this files will be called by a 1 line code and end/top of some .php files included path most time is img/thumb.png or images/thumb.png however... this is a world of fuckheads.... hope the got head up by *IS* |
|||
09-27-2014, 01:19 AM
Post: #26
|
|||
|
|||
RE:
I decided a long time ago not to believe anybodies virustotal. I run it through virustotal.com and then run it through malwarebytes, super anti spyware
and bitdefender. I then have my wife talk to it and if it can survive that, it's clean, providing it didn't commit suicide. |
|||
09-27-2014, 03:32 AM
Post: #27
|
|||
|
|||
RE:
ban that dombass...
|
|||
09-27-2014, 03:53 AM
Post: #28
|
|||
|
|||
RE:
every body.. hit the report button to ban Flagged as VIRUS SPAM SITE (Do NOT CLICK!!!)-vip
Sharing a knowlegde is not a crime..
|
|||
09-27-2014, 03:56 AM
Post: #29
|
|||
|
|||
RE:
No report button not effective enough. If you find a file with virus pm a mod with link and info.
|
|||
09-27-2014, 10:15 AM
Post: #30
|
|||
|
|||
RE:
(09-27-2014 03:56 AM)BigLeech Wrote: No report button not effective enough. If you find a file with virus pm a mod with link and info.Part of the problem, and why it is difficult to catch them, is that half the time, the original files seem innocent enough, but they then download some file, either l.php or hatty.php, or googledrive.html (and these are just the ones I have picked up), via curl. After that, all hell breaks loose. Compounding the problem is that sometimes the hacks don't even 'infect' your normal WP site. So most of the time, plugins like TAC, or indeed the security plugins that test the integrity of core files don't pick them up. These guys have moved on from inserting links into your pages ... that's quite easy to spot by inspecting the HTML source. The googledrive.html page for example, combined with the l.php were a phishing page and mailer. I might still have a copy around somewhere and I'll share them here. So while your WP site might seem fine, your hosting/server is being used to send out phishing emails, and sometimes actually host phishing pages. My take is that unless you are sharing original files that you have downloaded, you probably should not be sharing. And if you do, you should point this out to fellow members of BBHF, and then allow them to take an informed risk. |
|||