the url of the form or the link are correctly formed? I mean, do you have the HREF and ACTION attribute pointing to /cgi-bin/WebObejcts/YourApp.woa/wo/SESSION_ID/Num.ber.Pro.Gre.ssi.ve ?
2012/4/12 Gino Pacitti <[email protected]> > No .. completely just form submits and links... > > It is weird. A normal link to a Component Action results in the URL > changing and a Adult site appearing. It looks a bit like DNSSwapping which > I looked into but I have ran scans on this with no results... > > > Gino > > On 12 Apr 2012, at 19:52, Daniele Corti wrote: > > Hi, >> Just one thing that I was thinking: do you use AJAX in the form or link >> where the redirection occurs? >> >> 2012/4/12 Gino Pacitti <[email protected]> >> I will have to give that a try... >> >> Gino >> >> On 12 Apr 2012, at 19:47, Daniele Corti wrote: >> >> Hi, >> That's strange, can you download the .woa packages (the Application and >> the WebResources) and install them on a test site and see if the >> redirection happens? >> >> >> 2012/4/12 Gino Pacitti <[email protected]> >> no database seems clean - tried to search for a 'script' word in any >> fields and nothing came back - its like the whole site gets redirected when >> you click a form to go to a Direct Action? >> >> Gino >> >> On 12 Apr 2012, at 16:25, Daniele Corti wrote: >> >> Hi Gino, >> is the Direct Action, actually, generating the HTML from content fetched >> from the DB? If so, can you check the records that are fetched in the DA, >> if they have some script injections? >> >> Regards, >> >> 2012/4/12 Gino Pacitti <[email protected]> >> I have been hijacked... >> Its redirecting and also spreading virus to PC - not everyone but a >> percentage of users have had warnings and alert screen concerning the site. >> >> What should i look for in the logs? >> >> Gino >> >> On 12 Apr 2012, at 16:02, Pascal Robert wrote: >> >> You are hijacked or you are seeing hacks attempts? What do you see in the >> Apache logs? >> >> Hi >> Anyone had any experience of how a site can be hijacked? >> >> I mean that a normal link to a Direct Action gets redirected to a new >> site (Adult Content) >> >> I cannot see how this is being done - Components does not contain any >> scripts except for Google Ananlytics yet clicking on a submit button or >> links causes this. >> >> It is also not on every attempt - it seems to happen randomly?? >> >> Any help appreciated >> >> Gino >> ______________________________**_________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list >> ([email protected].**com<[email protected]> >> ) >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/**mailman/options/webobjects-** >> dev/probert%40macti.ca<https://lists.apple.com/mailman/options/webobjects-dev/probert%40macti.ca> >> >> This email sent to [email protected] >> >> >> ______________________________**_________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list >> ([email protected].**com<[email protected]> >> ) >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/**mailman/options/webobjects-** >> dev/ginokris%40me.com<https://lists.apple.com/mailman/options/webobjects-dev/ginokris%40me.com> >> >> This email sent to [email protected] >> >> ______________________________**_________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list >> ([email protected].**com<[email protected]> >> ) >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/**mailman/options/webobjects-** >> dev/ildenae%40gmail.com<https://lists.apple.com/mailman/options/webobjects-dev/ildenae%40gmail.com> >> >> This email sent to [email protected] >> >> >> >> -- >> Daniele Corti >> -- >> I DON'T DoubleClick >> >> ______________________________**_________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list >> ([email protected].**com<[email protected]> >> ) >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/**mailman/options/webobjects-** >> dev/ginokris%40me.com<https://lists.apple.com/mailman/options/webobjects-dev/ginokris%40me.com> >> >> This email sent to [email protected] >> >> >> >> >> -- >> Daniele Corti >> -- >> I DON'T DoubleClick >> >> >> >> >> >> -- >> Daniele Corti >> -- >> I DON'T DoubleClick >> >> > -- Daniele Corti -- I DON'T DoubleClick
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
