[ale] Noscript found a couple of scripts I didn't write.
Mike Harrison
meuon at geeklabs.com
Wed Apr 15 13:22:28 EDT 2009
> I did a search of my code and I find no references to them. By what
> magic did they get involved in my site?
Via an advert/embed or your site has been "owned".
It looks like 'imaclk.com' is involved in semi-legit or legit adverts
and behavior tracking.
Welcome to XSS. Cross Site Scripting. ;)
I'd clear browser cache/cookies/etc..
start: sniffit -s @
in an empty directory, go surf the site again
and then examine your sniff files...
ie:
grep imiclk.com *
Note that you may not find it, it could be by IP address,
or obfuscated in the code. I've seen a lot of big weird strings
and a decrypt and execute command.
More information about the Ale
mailing list