Referer spam hijacking a site?

Forum Moderators: phranque

Message Too Old, No Replies

Referer spam hijacking a site?

Referrer spam with iframe injection...

koan

12:26 am on Mar 21, 2008 (gmt 0)

I just had a visit from one of those automatic guest form / forum spamming bot that also had a referrer spam using dsc.example.com search results to inject an iframe that probably installs viruses and such, which I will not post here, but it looked something like that:

http://example.com/search/results.html?query=BUNCH+OF+SPAM+KEYWORDS+<IFRAME+CODE>

Does <that site>'s search engine has security holes that can be exploited?

[edited by: engine at 12:40 pm (utc) on Mar. 26, 2008]

[edited by: physics at 7:30 pm (utc) on Mar. 26, 2008]
[edit reason] examplified [/edit]

stuartc1

12:31 pm on Mar 26, 2008 (gmt 0)

If that URL is the referrer then it's probably faked also.

physics

7:29 pm on Mar 26, 2008 (gmt 0)

If you're comfortable with reporting this to the "example.com" site I would say go ahead and do so. Just be careful they don't get the wrong idea and start thinking that you're hacking their site.

koan

10:52 pm on Mar 26, 2008 (gmt 0)

Hi physics, sorry for using real urls, I just wanted to alert the people concerned, but yeah, I've had a situation like this once where I reported a plagiarized article to the original author and he accused me of being the perp trying to get some publicity (!) so... sometimes there's no worse enemy than the newbies.