Loading ...
Sorry, an error occurred while loading the content.

Re: ADMIN - Site Hijack?

Expand Messages
  • amatbrewer
    For what it is worth, I tried the link and going to it through BGT.org, and it works fine for me using IE?!?! Dave
    Message 1 of 8 , Jun 1, 2009
    • 0 Attachment
      For what it is worth, I tried the link and going to it through BGT.org, and it works fine for me using IE?!?!

      Dave

      --- In backpackgeartesters@yahoogroups.com, "Shane Steinkamp" <ygroups@...> wrote:
      >
      > > Ok, so here's one... When I click on the URL
      > > http://teststatus.backpackgeartest.org/ a pdf file
      > > automatically downloads on my desktop. My mac is setup to automatically
      > > try to open it, and when it
      > >does it can't for whatever reason so it force quits adobe. Usually the
      > pdfs have had names like
      > > 866.pdf, or 477.pdf and it says the source is sabition dot com .
      > > Any ideas?
      > > Other than that, all my tester info is accurate.
      >
      > That is quite odd. It did it to me as well, and I had to instruct Avast to
      > kill the connection. There is nothing in the source that would cause such a
      > thing. Perhaps we have been hijacked in some way. I'll pass it up to Dave
      > for advice.
      >
      > Shane
      >
    • Shane Steinkamp
      ... I use IE exclusively, and the external link did cause some malicious file to attempt download which was caught by Avast. There is nothing at all in any of
      Message 2 of 8 , Jun 1, 2009
      • 0 Attachment
        > For what it is worth, I tried the link and going to it through BGT.org,
        > and it works fine for me using
        > IE?!?!

        I use IE exclusively, and the external link did cause some malicious file to
        attempt download which was caught by Avast. There is nothing at all in any
        of the teststatus site that could cause such a thing, so I suspect a DNS
        hijack or something otherwise external to the site.

        Shane
      • Shane Steinkamp
        ... You are correct. BridGeT does not generate that. I wonder where it comes from... Shane
        Message 3 of 8 , Jun 1, 2009
        • 0 Attachment
          > There is some obfuscated javascript right after the BODY tag - it tries
          > to create an IFRAME to some third-party website. I didn't follow it
          > further than that, but it does look like a hijack of some sort.

          You are correct. BridGeT does not generate that. I wonder where it comes
          from...

          Shane
        • Shane Steinkamp
          I am uploading a fresh file set. Shane
          Message 4 of 8 , Jun 1, 2009
          • 0 Attachment
            I am uploading a fresh file set.

            Shane
          • Shane Steinkamp
            ... Should be. Shane
            Message 5 of 8 , Jun 1, 2009
            • 0 Attachment
              > Is it safe to go straight too BGT (not using the ADMIN links to get there?
              > I missed an edit when I
              > uploaded my Prime report this morning. Should have taken the nap
              > first...just had gotten off from
              > working a 24.

              Should be.

              Shane
            • Coy
              It is (safe), in case somebody else is nervous about getting on. Coy Boy
              Message 6 of 8 , Jun 1, 2009
              • 0 Attachment
                It is (safe), in case somebody else is nervous about getting on.

                Coy Boy

                --- In backpackgeartesters@yahoogroups.com, "Shane Steinkamp" <ygroups@...> wrote:
                >
                > > Is it safe to go straight too BGT (not using the ADMIN links to get there?
                > > I missed an edit when I
                > > uploaded my Prime report this morning. Should have taken the nap
                > > first...just had gotten off from
                > > working a 24.
                >
                > Should be.
                >
                > Shane
                >
              • Shane Steinkamp
                Totally safe now. Shane
                Message 7 of 8 , Jun 1, 2009
                • 0 Attachment
                  Totally safe now.

                  Shane
                Your message has been successfully submitted and would be delivered to recipients shortly.