GPSFileDepot.com
 

News:

Welcome to GPSFileDepot!

Main Menu

Domain forwarding issue

Started by jbensman, March 01, 2012, 06:34:21 PM

Previous topic - Next topic

jbensman

I would suggest until this gets fixed, put some simple hrml at gpsfiledepot.com stating the site has been hacked and the problem is being worked on, then give a link to the site and let people know which browsers work.

-Oz-

I wonder if I could pull that off based on browser.  This exploit appears to be based on php itself.
Dan Blomberg
Administrator - GPSFileDepot
GPS Units: Garmin Dakota 20, Garmin GPSMap 60csx, Nuvi 255W, Nuvi 250W, ForeRunner 110, Fenix 2, Tactix Bravo, Foretrex 401
See/Download My Maps!

Boyd

Here's a wikipedia page on "SQL injection" which seems to be what is happening: http://en.wikipedia.org/wiki/SQL_injection

Also, look at this post from just a few days ago. Their site seems to be suffering from the exact same thing - also getting redirected to myustreamtv.rr.nu as we are here:

http://www.htmlforums.com/website-review/t-need-help-146029.html

Indrid Cold

Quote from: Boyd on March 02, 2012, 02:26:44 PM
You have a Mac, right? In Safari go Window > Activity then go to http://forums.gpsfiledepot.com/ and observe what happens. Hit refresh, and every time you do a different but similar url is embedded - here are two screenshots.
I tried that and struck out, nothing in the Activity window. Lot's of refreshing....

I'll have to take a laptop offsite to Starbucks later and mess with the settings.

GreyDude

Been having the same attack/redirect problem for gpsfiledepot.com for the past 3 days. I used Norton Internet Security's Safe Web facility and it returned a 'green' site access -- no problems, but when I try to access the site through IE8, I get rerouted.  Using Firefox the website is accessible and have never been redirected using this browser.  Norton Customer Support basically said it was an IE problem.
Within the past hour or so, I have been able to access the gpsfiledepot.com site with IE. Not sure if this is only temporary or someone has found and disabled the culprit.
Thanks for your continued support.

-Oz-

I believe it has been fixed.  Not seeing it anymore; found a script that cleaned everything out.
Dan Blomberg
Administrator - GPSFileDepot
GPS Units: Garmin Dakota 20, Garmin GPSMap 60csx, Nuvi 255W, Nuvi 250W, ForeRunner 110, Fenix 2, Tactix Bravo, Foretrex 401
See/Download My Maps!

Boyd

Quote from: Indrid Cold on March 03, 2012, 02:44:32 PMI tried that and struck out, nothing in the Activity window.

Yep, it's gone now. Nice work Dan!  :)

Indrid Cold

Quote from: Boyd on March 03, 2012, 04:14:39 PM
Quote from: Indrid Cold on March 03, 2012, 02:44:32 PMI tried that and struck out, nothing in the Activity window.

Yep, it's gone now. Nice work Dan!  :)
Turns out I had java-script off so I wasn't redirected.

jbensman

Yes it is now fixed.  Way to go and what a jerk it was that hacked us!  Any idea on how it happened?

-Oz-

Still working on how it happened but it was either through the forums or via the map/article writing script.
Dan Blomberg
Administrator - GPSFileDepot
GPS Units: Garmin Dakota 20, Garmin GPSMap 60csx, Nuvi 255W, Nuvi 250W, ForeRunner 110, Fenix 2, Tactix Bravo, Foretrex 401
See/Download My Maps!

maps4gps

The three URLs I restricted had .de.lv extensions.

henry001

I wonder if it is safe to download map files now???

Boyd

I don't think that was ever an issue, from what I saw. I don't believe this was a virus that could infect your own computer, it was an exploit infecting the web server that hosts gpsfiledepot. As far as I could tell, it only attempted to redirect you to a completely unrelated website (see links above) by embedding links to that site in the web page.

I don't see how that could affect a file that you download from GPSFileDepot.

henry001

That is good to hear. I was afraid to open those exec files.

Boyd

As always, you should keep your anti virus software up to date.  :)