  #117  
June 2nd 17, 01:05 AM posted to rec.photo.digital
Diesel
Screenshot! (was - Where I keep my spare cats)

"David B."
Thu, 01 Jun 2017 10:35:39 GMT
in rec.photo.digital, wrote:

On 01/06/2017 11:13, Diesel wrote:
"David B."
Thu, 01 Jun 2017 08:10:45 GMT
in rec.photo.digital, wrote:

On 01/06/2017 07:31, Diesel wrote:
Well, I wasn't a kid when I worked for Malwarebytes. Do you
understand what's involved in reverse engineering potentially
malicious 0day binaries?

Then SHOW folk just how good you are with such things!


With pleasure.

What malware can you find at the LIVE web page, Dustin?


Oh, you mean the site in my signature?
https://tekrider.net/pages/david-brooks-stalker.php

I imaged the site the other day..So, unless something 'new' has
been added in the past few days, it has no 'live malware' to
speak of.

From the link you shared (which I confirmed is still active)

Suspicious domain detected. Details:
http://sucuri.net/malware/malware-en...listed35?post1
script type="text/javascript"
src="http://windows-web-browsers.co.cc/alert/"

It doesn't like the co.cc link. Which presently points to a
'dead' domain that's been effectively parked and is available for
your taking, if you wanted it.

And sucuri wrongly automatically calls it malware and provides
this reason for its justification:

A suspicious code was identified loading content from a
blacklisted domain.

so the domain was blacklisted, supposedly, and this somehow makes
having it in tekrider's site 'malware'; Not ****ing hardly.

https://www.verisign.com/en_US/domai...in-names/index.xhtml
https://en.wikipedia.org/wiki/.cc

And as far as sucuri goes, take them with a large salt shaker:

https://www.whitefirdesign.com/blog/...i-makes-a-persuasive-case-that-you-should-avoid-using-their-services/

Now, you owe me David. I'll let you know what I want at a later
date.



Securi has done a LIVE check on the site for me.


It's Sucuri, David...

This is the result:
https://sitecheck.sucuri.net/results/www.tekrider.net


Well, you have another issue with Sucuri then.

wget tekrider.net
--2017-06-01 19:41:47-- http://tekrider.net/
Resolving tekrider.net... 192.251.238.3
Connecting to tekrider.net|192.251.238.3|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: pages/index.php [following]
--2017-06-01 19:41:47-- http://tekrider.net/pages/index.php
Reusing existing connection to tekrider.net:80.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: `index.php'

[ = ] 5,737 --.-K/s in 0.02s

2017-06-01 19:41:47 (227 KB/s) - `index.php' saved [5737]

Verified the lines Sucuri thinks are present in the index.php using
alleycode and notepad (not necessary, but, I like to be thorough for
you) are not.

Also verified the results with firefox:

view-source:https://tekrider.net/pages/index.php

So, that's three separate ways of doing it, and, all three confirm,
Sucuri is incorrect. Local mirrored copy (#1), wget (#2), firefox
(#3) as I know you're a bit 'slow' concerning matters of a
technical nature.

Securi has MUCH better standing in the community that you, Dustin!


Which community, David?

Did you read the informative link at whitefiredesign?

https://www.whitefirdesign.com/blog/...heir-services/


--
Nope, I can't go to hell.
Satan still has a restraining order against me.
https://tekrider.net/pages/david-brooks-stalker.php
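
Added example, not part of the original post: the check described above (does a saved copy of a page contain a script tag that loads from the flagged domain?) written as Python that parses saved HTML and reports script sources hosted on a flagged domain or one of its subdomains. The two sample pages and the function names are constructed for illustration; only the domain comes from the scanner message quoted in the post.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Domain taken from the scanner message quoted in the post.
FLAGGED_DOMAINS = {"windows-web-browsers.co.cc"}


class ScriptSrcCollector(HTMLParser):
    """Collects the src attribute of every <script> tag in a document."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())


def flagged_script_sources(html, flagged=FLAGGED_DOMAINS):
    """Return script src URLs whose host is a flagged domain or a subdomain of one."""
    collector = ScriptSrcCollector()
    collector.feed(html)
    collector.close()
    hits = []
    for src in collector.sources:
        # Relative paths have no hostname (same origin) and never match.
        host = (urlsplit(src).hostname or "").rstrip(".").lower()
        if any(host == d or host.endswith("." + d) for d in flagged):
            hits.append(src)
    return hits


# Constructed sample pages (not copies of the real site).
PAGE_WITH_TAG = """<html><head>
<script type="text/javascript" src="http://windows-web-browsers.co.cc/alert/"></script>
<script src="/js/menu.js"></script>
</head><body>hello</body></html>"""

PAGE_WITHOUT_TAG = """<html><head>
<script src="/js/menu.js"></script>
<!-- a mention of windows-web-browsers.co.cc in a comment is not a script load -->
</head><body>hello</body></html>"""

if __name__ == "__main__":
    print(flagged_script_sources(PAGE_WITH_TAG))
    print(flagged_script_sources(PAGE_WITHOUT_TAG))
```

Running it against a file saved with wget and against the browser's view-source copy gives the same comparison the post makes by hand.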