Site is www.interbasquet-cba.com.ar
greetings
Site is www.interbasquet-cba.com.ar
greetings
if the virus has been blocked and alwil know about the website and no reason to post it since you are not infected why you put it,???
It annoys me having to deactivate antivirus to enter in website.
This page seems to be
http://www.UnmaskParasites.com/security-report/?page=www.interbasquet-cba.com.ar
But google is saying ( Malicious software includes 714 trojan(s)
http://www.google.com/safebrowsing/diagnostic?site=www.interbasquet-cba.com.ar
This site was hosted on 1 network(s) including AS27823 (Dattatec.com).
Diagnostic page for AS27823 (Dattatec.com)
Has this network hosted sites that have distributed malware?
Yes, this network has hosted sites that have distributed malicious software in the past 90 days. We found 64 site(s), including, for example, juanfurlan.com.ar/, areasdm.com.ar/, enpucon.cl/, that infected 3280 other site(s), including, for example, klawrojna.com/, nojom-pal.com/, bnt-a.com/.
4 Pondus:
no it is really has redirection to the infected website “i am not so advanced in java script so dont blame me”
It is NOT FP.
There is redirect to hXXp://www.interbasquet-cba.com.ar/2008/index.php
And there is malicious script at the end of this file (eval (unescape ('%77%69…)))
Hi Pondus,
Yes, Martinss should make the live link there non-clickable by using htXp or wXw, and the link is given as clear but the history of Malicious software includes 714 trojans, just does not sound promishing.
This site was hosted on 1 network(s) including AS27823 (Dattatec.com).
See what we can find further:
The clean results is because of Blank page / could not connect
No ad codes identified File size: 725 bytes
File MD5: 9063eaf69e368e1d9c7bcd278c1792b9
This is the script Superhacker means: htxp://www.interbasquet-cba.com.ar//Script.0
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL //Script.0 was not found on this server.<P>
<P>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.
<HR>
<ADDRESS>Apache/1.3.41 Server at www dot interbasquet-cba.com dot ar Port 80</ADDRESS>
</BODY></HTML>
Server: Apache/1.3.41 (Unix) mod_auth_passthrough/1.8 mod_bwlimited/1.4 mod_log_bytes/1.2 ^^ mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5 FrontPage/5.0.2.2635 ^^
check for older web software, because of exploits as this could be compromised via PHP:
</style>^script>^^
document.location='htxp://www.interbasquet-cba.com.ar/2008/index.php'
<^/script> ^^ broken by me, polonus
</head>
activeX BOF exploit
That’s all,
polonus
Hello,
the website is infected and you should contact the owner to clean it up instead of turning your AV off. VT report http://www.virustotal.com/analisis/40598fb3f7747398ade25f73e58073740fb8b1667ef0a55b836643793eb0004a-1268595419
Infection is located in document located at:
hxxp://www.interbasquet-cba.com.ar/2008/index.php
It’s at the end of the html code. You will found it by searching string “eval(unescape” without quotes. The code is placed after many tabs, so you might not see it for the first time.
Regards
Forbidden
You don’t have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
This is what Chrome says when I try to access the website.
Thanks polonus,i really dont plan to be professional in JavaScript maybe next year
Hi superhacker,
A bit of JS script knowledge and of the devolping errors that make exploits possible can be helpful, malzilla can elaborate on the code better than a human source and every browser knows how to run it.
In Firefox No-Script add-on is a good prevention against malcode infections and RequestPolicy to prevent malicious third party code to run. Obfuscated code and code outside HTML should always be checked because of malcode redirection - moreover the avast shield is one of the best around,
polonus
Knowing of exploiting is so good"my work when i have no thing to do"but not in javascript,c++ was so good to this mission but python now start to become more shining and flexible to do this work