cross script attack

pgm554

Member
Joined
Sep 1, 2014
Messages
22
Reaction score
3
What's up with the XSS attacks (again)?
Unless I have a script blocker in place ,this site runs a java script attack.
This has been going on for a very long time.

A very good reason I don't visit this site anymore.

Also one of folks on another site says you are having captcha issues to join this forum.
 

zenstat

Senior Cymbal Nerd
Joined
Feb 5, 2012
Messages
3,881
Reaction score
566
Location
Auckland New Zealand
Link to the thread on VDF claiming captcha isn't working for them:

http://www.vintagedrumforum.com/showthread.php?t=62302

which also contains various dire warnings about malware on DFO, and links in turn to a thread on DrummerWorld

http://www.drummerworld.com/forums/showthread.php?t=139431

which also contains various dire warnings about malware on DFO.

I'm one of the people who has never had any problems at all so I can't help with the diagnosis of these issues. But I recognize the potential for reputational damage when I see it.
 

equipmentdork

DFO Veteran
Joined
Sep 20, 2011
Messages
1,555
Reaction score
211
Location
NJ
I got whacked by one of the red scareware screens recently(I chronicled my delight in a thread on here) and had to task manage it away. After retreating to Sandboxie for a while, I tweaked my No Script settings and I think that took care of it. It seems like it was triggered when I hit a button like "post" or "quote" or something.



Dan
 

drawtheline55

Owner/admin
Administrator
Moderator
Joined
Jan 31, 2011
Messages
3,645
Reaction score
140
Location
Boston
I have forwarded these issues to our tech guys, thanks, Ben
 

Billster

Very well Known Member
Joined
Mar 24, 2007
Messages
834
Reaction score
5
Location
Richmond, Michigan
drawtheline55 said:
I have forwarded these issues to our tech guys, thanks, Ben
Ben, Thanks for responding. I have had to stop accessing DFO from my Android device because of malware issues.
It will be really great once I can spend more time on DFO again without getting whacked. Billster
 

drawtheline55

Owner/admin
Administrator
Moderator
Joined
Jan 31, 2011
Messages
3,645
Reaction score
140
Location
Boston
Thanks Bill, the Captcha issue is resolved. Any other possible issues are being looked at.

Ben
 

forumtech

Administrator
Staff member
Administrator
Moderator
Joined
Apr 18, 2017
Messages
9
Reaction score
0
pgm554 said:
What's up with the XSS attacks (again)?
Unless I have a script blocker in place ,this site runs a java script attack.
This has been going on for a very long time.

A very good reason I don't visit this site anymore.

Also one of folks on another site says you are having captcha issues to join this forum.
Could you please post a screenshot or send me more details?

Detection tests say the forum is clean. Are you sure your computer doesn't have malware?

The site is clean, there are no doubts:
https://www.virustotal.com/#/url/0dc7725470bc5c4de31bebc81757cf744093eef808da2e8d850fc82996b66a17/detection
http://scanner.pcrisk.com/detailed_report/www.drumforum.org#details
https://rescan.pro/result.php?ac0146f07eb3619a3d6e901b4a8bdf6c
https://app.webinspector.com/public/reports/81895558
https://sitecheck.sucuri.net/results/www.drumforum.org
https://quttera.com/detailed_report/www.drumforum.org
 

pgm554

Member
Joined
Sep 1, 2014
Messages
22
Reaction score
3
You are on a number of current black lists,so at some very recent point in time you got reported.

Whether this was a drive by hack or some other issues with your hosting service has yet to be determined.

I can only go by my own experience on this site and it has not been good in terms of security.

Try MX Toolbox
 

forumtech

Administrator
Staff member
Administrator
Moderator
Joined
Apr 18, 2017
Messages
9
Reaction score
0
pgm554 said:
You are on a number of current black lists,so at some very recent point in time you got reported.

Whether this was a drive by hack or some other issues with your hosting service has yet to be determined.

I can only go by my own experience on this site and it has not been good in terms of security.

Try MX Toolbox
Please, if you aren't going to provide any facts I'll kindly ask you to stop saying Drumforum isn't secure.


 

Billster

Very well Known Member
Joined
Mar 24, 2007
Messages
834
Reaction score
5
Location
Richmond, Michigan
After a long break, I'm getting the pop-up attacks on my Android again, only while accessing DFO.ORG.

Anyone else experiencing this very annoying problem?
 


Top