Jump to content
Detective Conan World
Uncle Sporkums

"Phishing" Security Report

Recommended Posts

I wouldn't assume there is no danger. IPboard (the maker of the forum software) was in the news recently because an attacker hoped to push a botnet trojan via a vulnerability, but was blocked by security researchers alerting the forum makers of his intentions. That said, if you protect yourself by blocking flash and javascript, you are probably alright.

 

My computer has been telling me to update those things since forever, disabling them is no problem. (^^)b

Share this post


Link to post
Share on other sites

It's seems to have gone now.

Btw something related to this matter, a few months ago if I simply searched on google something like "detective conan file xxx discussion" and say the link for the certain file's discussion topic of this site shows up, if I clicked on it I would be redirected to a weird website with like a pornographic image, the I would have to click back to get to the google search results page and then when I clicked the link again it would be fine. After that I simply started searching "detective conan episodes" and then I would click on the link to this site's anime list(which never had any problem for me) and then click on forums to come here. Fortunately I was not hit by any virus or anything from that.

Share this post


Link to post
Share on other sites

Don't worry, I've been working on adding an extra layer of protection (firewall + more). What you see right now could be normal for the next few days. It will hopefully get solved soon!

  • Upvote 1

Share this post


Link to post
Share on other sites

The new Sucuri firewaall seems to be a bit hyperactive on the wiki. It's mistaking my edits for an SQL injection. My edit that triggered it was this:

 

== ConanLoverA's family page ==

I undid your edits to User:ConanLoverA's families page. The reason why is because those pages are User:ConanLoverA's personal pages which are in his subspace. They are not general wiki pages. If you look at the url for those two pages, you can see they subdirectories of his username page. Personal space pages are not free for anyone to edit unless the owner gives permission. This is to let people keep personal projects, theories, and references as they want without interference from others. If you want to edit ConanLoverA's project, please go to the history tab, select the last revision made by you, copy the page source, and paste a copy in your own subspace. That new copy then becomes all yours to edit. [[user:Chekhov MacGuffin|'''<font color=#B22222">Chekhov</font> <font color="#2F4F4F">MacGuffin</font>'']] <sup>[[user talk:Chekhov MacGuffin|'''<font color=#696969">talk</font>'']]</sup> 01:32, 25 May 2016 (CEST)

Where? --Arringtastic1992 01:35, 25 May 2016 (CEST)

:To make a subpage, select your username. Then go to the url bar, add a slash /, and then the name of the subpage you want to create. Go to that blank page and edit it. For instance, [[user:Arringtastic1992/Example]] makes a page in your subspace called "Example". ~~~~

 

Incidentally, I think the edit summary might have been the trigger. The original edit summary was this: /* ConanLoverA's family page */ How to make a user subspace page. By removing both the opening /* and the closing */ I was able to edit the page. It seems that the presence of /*  Example */ causes the problem. Removing either the opening or the closing markers (or both) allows the edit through. It doesn't seem to trigger on all pages though. I tried editing a section on a mainspace page and my userpage without it throwing an error.

 

Sucuri_false_alarm.png

Share this post


Link to post
Share on other sites

I've whitelisted the wiki since the wiki software would catch SQL injections anyway (it's true that /* */ could be used for SQL injections but if the software is well coded, it shouldn't cause issues anyway).

 

Let me know if there are other issues with the wiki.

Thanks for the report.

  • Upvote 1

Share this post


Link to post
Share on other sites

I think I've found the reason why the Phishing thingy happened:

https://blog.sucuri.net/2015/02/analyzing-malicious-redirects-in-the-ip-board-cms.html

 I tried going to DCW through google and it redirected me to that URL4SHORT site thing and then when I tried doing it again, it didn't redirect me anymore. Same thing as what the article said.

It's gone now btw since the DCW forum software was updated. It fixed the problem.

  • Upvote 3

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
  • Create New...