1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

test please delete

Collapse
This is a sticky topic.
X
X
24221 to 24230 of 359937 Previous 1 1423 1923 2323 2373 2413 2420 2421 2422 2423 2424 2425 2426 2433 2473 2523 2923 3423 35994 template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
24221 to 24230 of 359937 Previous 1 1423 1923 2323 2373 2413 2420 2421 2422 2423 2424 2425 2426 2433 2473 2523 2923 3423 35994 template Next
    #24221
    I visit ripe.net and enter the miscreant's IP address as shown in the logs...

    Code:
    organisation:    ORG-[redacted]-RIPE
org-name:        businesscom2
org-type:        OTHER
address:         Yerevan
address:         Armenia
e-mail:          [redacted]@bcsatellite.net
    It appears to belong to a cable and satellite company in Armenia

    Comment

      #24222
      An examination of my WordPress installation shows nothing untoward, and the database appears to contain no other nasties.

      Also, no other edits or posts have been made to the site that aren't from an IP address I use.

      I conclude, after once again checking with the debugging proxy, that I have eradicated the problem.

      But...

      how did they get in?

      Comment

        #24223
        i hate it when you get snow in your boots

        Comment

          #24224
          Off to wordpress.org and check the documentation.

          Sure enough, my cookie is all that is needed to log in as me.

          And how would somebody else get my cookie?

          Comment

            #24225
            Repeat after me: XSS

            Or, to give it its full title, a cross-site scripting vulnerability.

            Comment

              #24226
              Morning DS

              Comment

                #24227
                At some point, I had visited a site which contained a XSS thingy which was able to steal a copy of my WordPress cookie and send it to the evil Armenian. He then modified one of my posts to embed hidden nastiness in my site (and, as it happened, in one of the most popular articles on my site).

                Comment

                  #24228
                  Originally posted by NickFitz View Post
                  Morning DS
                  morning nickfitz. and your website is?

                  Comment

                    #24229
                    right. time for some breakfast. marmite on toast and another cup of coffee.

                    Comment

                      #24230
                      Now I'm sure you're all saying "Right, porn" at this stage... but recent research by Google showed that much of this stuff is on normal sites too.

                      Take that site that you found in a search that had some seven-years-out-of-date, never-updated information.

                      Once upon a time, that page had a counter at the bottom - one of those things you used to see that said


                      You are visitor
                      0000NaN
                      Counter supplied by cute-web-counter.net

                      Comment

                      Reply to Thread
                      24221 to 24230 of 359937 Previous 1 1423 1923 2323 2373 2413 2420 2421 2422 2423 2424 2425 2426 2433 2473 2523 2923 3423 35994 template Next

                      Advertisers

                      1. Contracting
                        1. General
                          1. Brexit
                        2. Business / Contracts
                          1. Coronavirus Assistance
                        3. Accounting / Legal
                          1. Umbrella Companies
                          2. HMRC Scheme Enquiries
                          3. The Future of Contracting
                          4. IR35 Reform
                        4. Technical
                        5. Welcome / FAQs
                      2. Social
                        1. Light Relief
                        2. Social / Events
                      Working...
                      X