disable javascript to see the forums/or use mobile

aleksv

Purple Belt
@purple
Joined
May 11, 2010
Messages
2,234
Reaction score
0
just saying ^^
 
Last edited:
Red-Alert-3.gif
 
someone put a bit of code in the notices thingy
 
wait whats going on? on my phone and everything's good
 
i hope the people see the thread on the frontpage ^^
 
wait whats going on? on my phone and everything's good

someone injected a little bit of code to redirect sherdog forums to his twitter account.
similar like the one where the ufc site was redirected to someones homepage
 
I disabled scripts and managed to dismiss the notice and now no redirecting anymore with scripts back on.
 
This is a script kiddy. He added/injected this javascript (a whole 1 line) to the Notices area of sherdog.net...

Code:
	<script type="text/javascript">
<!--
window.location = "http://twitter.com/mentalug/"
//-->
</script>

These forums have been vulnerable to Cross-Site Scripting and even XSRF for years. This is just a script injected to redirect to his twitter page. If he was smart (which he's not) then he would've used an HTML redirect instead...

Code:
<meta http-equiv="refresh" content="0;URL='http://twitter.com/mentalug/'">
 
Yep experienced it few minutes ago so I switched to my mobile. Any idea when it will be fixed?
 
This is a script kiddy. He added/injected this javascript (a whole 1 line) to the Notices area of sherdog.net...

Code:
	<script type="text/javascript">
<!--
window.location = "http://twitter.com/mentalug/"
//-->
</script>

These forums have been vulnerable to Cross-Site Scripting and even XSRF for years. This is just a script injected to redirect to his twitter page. If he was smart (which he's not) then he would've used an HTML redirect instead...

Code:
<meta http-equiv="refresh" content="0;URL='http://twitter.com/mentalug/'">

Correct. Anyone with a keyboard and Google can pull this off.
 
What the hell happened!? My tab just had a nervous breakdown going between sherdog and twitter. Lol
 
Shit hack, but funny. I just went into my browser options and turned off redirects.
 
Imo bomb that guys twitter with something. :) For example pretend you found his twitter on some bestiality site and you have a nice pony for him to play with.
The only problem is that guy might be innocent and someone else redirected it to him,
 

Forum statistics

Threads
1,232,076
Messages
55,120,051
Members
174,622
Latest member
DrederickH8m
Back
Top