sorry Polonus, I had said I would PM but have been in the foulest of moods over last few days
my issue is a bit different than the spectrum of problems that have hit netsol but ddanchev is bang on when he says ‘(netsol) should realize that for the sake of its reputation it should always use the following mentality - “protect the end user from himself” when offering any of its services.’
my issue concerns the error recorded in my original unpack analysis posted in my OP (see screenshot)
line:3: SyntaxError: unterminated string literal:
error: line:3: document.title = String(“mkis”); idzzz.push(‘printwrap’);valzzz.push(‘null’);txtzzz.push(’
error: line:3: …^
(exploit?) which I seem to have circumvented by reducing the extent of external involvement in the jscript environment, in particular appear to have written out qualifiers that follow String(“mkis”) for they are no longer manifest in later analyses
likewise, related to environment status you direct to - which analysis came after my fix - but does direct to my original analysis
hxtp:/www.networksolutions.com/web-hosting/index.jsp?siteid=100&channelid=P61C100S1N0B142A1D255E0000V100
status: (referer=www.google.com/trends/hottrends)failure: nonnumeric port: ’
and then block occurs again the next morning, before I tighten up even further external involvement in script on page
The external involvement in script in this case is a metatags script attached to header mkis -
as you see equivalent control carries no cache, which I actual prescribed ages ago, but was still unable to rid myself of meta script itself, so pretty much stuck with it - still the case, though previously had implicated more third parties than is case now
and script is still active in so much as contents are submitted to following search engines - cipinet, Excite (Jp.), FyberSearch, Google, Internet Times, WalHello - and I imagine are communicated first instance but not only by google spider bots
at one stage equiv control had carried content written into the header string, and this now draws a failure - now minus additional third parties but relating still to an environment - (which may be a dangerous vulnerability still unfixed)
Obvious there are still vulnerabilities as script draws errors - but these are not so dangerous
for example, a near exact similar externally involved script in another of my websites has drawn no block at all
same presciption except in this case the equivalent control had never cached content and so has never carried the especially dangerous vulnerability (I am speculating a bit here, because I say, I have only limited control through Site Tools)
The point I am trying to make is that while there are still relatively benign vulnerabilities in both these sites, manifest in errors that are returned in the analyses, and while these are still an issue, there was also previously a potentially dangerous vulnerability in mkis hosting service site that may now have enabled the incidence of a malicious exploit (I'm certainly not ruling it out)
the unterminated string literal is particularly worrying, unless someone can explain this to me
error: line:3: document.title = String("mkis"); idzzz.push('printwrap');valzzz.push('null');txtzzz.push('
error: line:3: .........................................................................................^
the download zip | explanation relating to this string literal still draws a block
however is now fixed at surface level anyway (that is, internal visible level)
worry is whether it is merely playing dead, and given conducive environment could reinstate exploit
netsol has been cleaning out the scripts and doing other work to tidy up site tools like ftp
I'm not convinced that this cleaning out has any effect on my issues even they have marked these issues as resolved
I'm not going to be totally satisfied until the metatag scripts have been totally removed from my pages
I don't think I need the externally involved search engine optimisation, and I doubt if I ever did need it
I think google took issue with it at one stage, but now seems to have accepted it
- I've mentioned before about this change in google and the loosening up of their search algorithm
anyways, here's the security postings from netsol
ftp password - http://docs.google.com/View?id=ah85g3kzb4tn_272t37x2fgj
run a script - http://docs.google.com/View?id=ah85g3kzb4tn_273dzfsnmc4
I've posted them through redirection links to google docs
I moved one of these redirection links off my mkis home page because I thought that the makeup of the link address may have approximated obfuscated text to the point that it was confusing the avast scanner - but no, this is not the problem
The problem is the continued persistence of the metatag script