Bitcoin Forum
July 20, 2018, 01:48:03 AM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: XSS Exploit on bitcointalk.org  (Read 871 times)
atmclikk
Jr. Member
*
Offline Offline

Activity: 30
Merit: 0


View Profile
September 23, 2013, 07:03:20 PM
 #1

Mods please check this -

if you go to this thread - https://bitcointalk.org/index.php?topic=253749.380

then try to navigate to the next page, currently Chrome is throwing a red flag, mentioning something about the site 'dearhusband . com ' being known as having malicious code distributed from it.  it looks like XSS to me.  Just thought I'd mention it.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1532051283
Hero Member
*
Offline Offline

Posts: 1532051283

View Profile Personal Message (Offline)

Ignore
1532051283
Reply with quote  #2

1532051283
Report to moderator
grue
Legendary
*
Offline Offline

Activity: 2100
Merit: 1140



View Profile
September 23, 2013, 07:29:07 PM
 #2

then try to navigate to the next page, currently Chrome is throwing a red flag, mentioning something about the site 'dearhusband . com ' being known as having malicious code distributed from it.  it looks like XSS to me.
do you even know what XSS is? The warning was triggered because there were 2 images from a blacklisted site. It's most likely a image hosting site that was hacked to distribute malware.

images in question:
http://dearhusband.com/monoclemanhub1.JPG
http://dearhusband.com/monoclemanhub2.JPG

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
September 23, 2013, 07:32:39 PM
 #3

I think I fixed it (I unembedded the images). Let us know if it's still giving a warning, thanks!

atmclikk
Jr. Member
*
Offline Offline

Activity: 30
Merit: 0


View Profile
September 23, 2013, 08:04:55 PM
 #4

then try to navigate to the next page, currently Chrome is throwing a red flag, mentioning something about the site 'dearhusband . com ' being known as having malicious code distributed from it.  it looks like XSS to me.
do you even know what XSS is? The warning was triggered because there were 2 images from a blacklisted site. It's most likely a image hosting site that was hacked to distribute malware.

images in question:
http://dearhusband.com/monoclemanhub1.JPG
http://dearhusband.com/monoclemanhub2.JPG

no need to be a dick about it.  yes i know what xss is.  thats what my antivirus reported. 
TradeFortress
https://bitcointalk.org/index.php?topic=4589356.0
VIP
Legendary
*
Offline Offline

Activity: 938
Merit: 1011


View Profile
September 24, 2013, 01:00:31 AM
 #5

no need to be a dick about it.  yes i know what xss is.  thats what my antivirus reported. 
An image is not a script, it can't do anything harmful unless you are on a very ancient browser.

Did you lose money in CoinLenders or Inputs.io? Please contact me by Dec 31st, 2018 to receive a reimbursement
Beware of impersonators! I will ONLY ever email you from admin+g [at] glados.cc , and I will ONLY ever contact you from this bitcointalk account.
grue
Legendary
*
Offline Offline

Activity: 2100
Merit: 1140



View Profile
September 24, 2013, 11:20:15 PM
 #6

do you even know what XSS is? The warning was triggered because there were 2 images from a blacklisted site. It's most likely a image hosting site that was hacked to distribute malware.
[...]

no need to be a dick about it.  yes i know what xss is.  thats what my antivirus reported.  
>appeal to tone

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!