
Thread: KB is infected with Malware

  1. #1
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86

    KB is infected with Malware

    I have tried this on more than one computer and get the same result every time.

    Close your browser and open it again or go into incognito / privacy mode. This deletes all the cookies.

    Go to google and search "kiwi biker" or some other topic that will bring up results.

    When you click on the link you get taken to somewhere else with popup adverts. It only does it the first time. The second time you click on the link it goes to the correct location.

  2. #2
    Join Date
    23rd October 2013 - 18:30
    Bike
    72 Kawasaki A7, 05 Kawasaki W650
    Location
    Tauranga
    Posts
    1,289
    Yep I noticed that a few days ago. Obviously the crack team at KB IT Department have been away from the keyboards for a while.

  3. #3
    Join Date
    9th August 2005 - 19:52
    Bike
    CBR450RR
    Location
    Hamilton
    Posts
    6,368
    Blog Entries
    77
    Yeah nah, bet you're using Avast
    Zen wisdom: No matter what happens, somebody will find a way to take it too seriously. - obviously had KB in mind when he came up with that gem

    Artificial intelligence is no match for natural stupidity

  4. #4
    Join Date
    23rd October 2013 - 18:30
    Bike
    72 Kawasaki A7, 05 Kawasaki W650
    Location
    Tauranga
    Posts
    1,289
    Quote Originally Posted by Mental Trousers View Post
    Yeah nah, bet you're using Avast
    Nope I'd never touch that shit.

  5. #5
    Join Date
    4th April 2011 - 18:44
    Bike
    A fast one
    Location
    Auckland
    Posts
    762
    Hmm interesting I had this happen a few weeks ago. Hasn't happened again since however.

  6. #6
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86
    Quote Originally Posted by Mental Trousers View Post
    Yeah nah, bet you're using Avast
    Don't rely on AV software to save you.

    My guess is a vulnerability in vBulletin that has allowed someone to modify the mod_rewrite rules or .htaccess in apache.

    Might be a patch or else they will need to upgrade to a newer version.

  7. #7
    Join Date
    27th March 2006 - 10:29
    Bike
    KTM 1190 Adv R and a bunch of dirties
    Location
    Burglary capital of Unzud
    Posts
    2,879
    Privacy mode huh. What are you looking at?
    Quote Originally Posted by Albert
    Two things are infinite: the universe and human stupidity; and I'm not sure about the universe

  8. #8
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86
    Quote Originally Posted by The End View Post
    Hmm interesting I had this happen a few weeks ago. Hasn't happened again since however.
    It only does it once. I think that it writes a cookie to prevent it happening again to the same person. Close your browser and open it again or you might need to delete cookies.

    Or go into incognito / privacy mode.

    You also need to be clicking on a link from google etc. Opening the site directly won't trigger it.

    You should then see it again.

  9. #9
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86
    Quote Originally Posted by paturoa View Post
    Privacy mode huh. What are you looking at?
    https://support.mozilla.org/en-US/kb...ut-saving-info
    https://support.google.com/chrome/answer/95464?hl=en

    IE also has this feature but wouldn't recommend using that....

  10. #10
    Join Date
    9th August 2005 - 19:52
    Bike
    CBR450RR
    Location
    Hamilton
    Posts
    6,368
    Blog Entries
    77
    Quote Originally Posted by RogIrwin View Post
    My guess is a vulnerability in vBulletin that has allowed someone to modify the mod_rewrite rules or .htaccess in apache.

    Might be a patch or else they will need to upgrade to a newer version.
    More likely it's Google.

    https://www.google.com/url?sa=t&rct=...85970519,d.dGc

    That's the first link you get when you search Google for "kiwibiker". So they're not taking you directly to this site, they're passing you through something else.

    If you logout, kill off your Incognito window, come back to this page as a guest and click on that link it takes you to filestore72.info rather than to this site.

    Same thing happens with Bing.

    Duckduckgo, ixquick and DogPile take you straight to this site. I haven't tried any others.

    However, I'll check the site just in case.

  11. #11
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86
    Quote Originally Posted by Mental Trousers View Post
    More likely it's Google.
    No. KB has malware installed on it.

    http://youtu.be/L9tjcB_ij-0?t=5m49s

  12. #12
    Join Date
    9th August 2005 - 19:52
    Bike
    CBR450RR
    Location
    Hamilton
    Posts
    6,368
    Blog Entries
    77
    Quote Originally Posted by RogIrwin View Post
    No. KB has malware installed on it.

    http://youtu.be/L9tjcB_ij-0?t=5m49s
    Nope. There's only a single rewrite rule in any of the .htaccess files and that writes a forbidden.

    Others are significantly harder to detect so they're going to take a while.

  13. #13
    Join Date
    20th June 2005 - 14:27
    Bike
    Fatbob
    Location
    the 'Tron
    Posts
    1,348
    Quote Originally Posted by Mental Trousers View Post
    Nope. There's only a single rewrite rule in any of the .htaccess files and that writes a forbidden.

    Others are significantly harder to detect so they're going to take a while.
    http://www.vbulletin.com/forum/forum...lestore72-info

    Solution: disabling register_globals, and/or initializing $vbseo_crules, $seo_replace_inurls at the start of vbseo.php.

  14. #14
    Join Date
    27th April 2014 - 00:20
    Bike
    DR650
    Location
    Nelson
    Posts
    86
    Quote Originally Posted by Mental Trousers View Post
    Nope. There's only a single rewrite rule in any of the .htaccess files and that writes a forbidden.

    Others are significantly harder to detect so they're going to take a while.
    Do you have a backup of the site from the last time that you modified it? Has to be at least a few months ago. Then see what files have changed.

    I use a tool called meld - http://meldmerge.org/

    It will give you a side by side view of files that have changed in a directory. Also gives you a line by line view of changes in each file. Could be really useful for finding things like this.

  15. #15
    Join Date
    9th August 2005 - 19:52
    Bike
    CBR450RR
    Location
    Hamilton
    Posts
    6,368
    Blog Entries
    77
    Quote Originally Posted by TerminalAddict View Post
    http://www.vbulletin.com/forum/forum...lestore72-info

    Solution: disabling register_globals, and/or initializing $vbseo_crules, $seo_replace_inurls at the start of vbseo.php.
    Chur bro
