After I visited a CP site reported below I got a file named blank.html copied to my C drive containing CP links + the homepage set to it!!!

It HAVE to be illegal or what?

yea, i got the blank.html file as well

in addition to that, i got popup hell and some sites start placing short cuts on my desktop to many cp and lolita sites http://bbs.adultwebmasterinfo.com/ubb/frown.gif

that totally sucks

not to mention the 12 or so new favorites i had

this crap is frustrating

Damn SHIT

I gotta go to my g/f's place and remove the shit - I viewed the site from her laptop !

Fortunately nothing was there on the hdd.

Does anybody know if only html applications like *.html, *.htm, *js, *hta, *shtml etc that can be copying onto the HDD? Or can in theory any file be placed on your DHH?

I hope not, being able to copy more advanced script files or executables to the windows autostart group or edit the registry to execute them would REALLY scare the surfers off surfing these sites... That would basically mean you could do anything to the surfer. Including opening backdoors, and other stuff.

I know I've got one file copied to my autostart once. Can't remember the extension though. But it was some simple file containing some java code (don't remember exactly).

I really don't think that would be possible. It just sounds way to big.

Actually if you surf with javascript and activex enabled with full permissions, you'd better believe ANYTHING can be placed on or done with your hard disk.

Just one method is a simple matter of wrapping the files (exe, bat, htm, hta, dll, whatever) in a cab file, set the inf for auto-install, and if the surfer has lax IE security settings then the evil mofo's can do whatever the hell they desire.

Niteline's dialers are a good example of this sort of shit -- benign though compared to what CAN be done.

At a MINIMUM set VM/Java permissions to HIGH, at least then you get a chance to stop it with a window asking permission first.

Actually they dont need to be in a cab file. If you have low security and not enuff knowledge to secure your system properly there could be lots of things happening that you will never know about.

Just imagine if that java code happened to be linked a deltree type command that actually deleted key registry files instead of adding them.

I have seen exploits in all shapes and sizes from fake screensavers to fake shortcuts which would otherwise be harmless. Every day people are working hard to find new ways to fuck you and i feel for the antivirus companys who must have a hard time keeping up with newly developed things that seem to remorf with differ strings and filetypes weekly.

Basically the only 100% saftey net is a text browser but thats not the answer especailly for an adult webmaster http://bbs.adultwebmasterinfo.com/ubb/tongue.gif

What you really should do if report these sites to the hostmaster ASAP. If they dont take action then you contact the hosts upstream provider and advise them. Most times it wont go that far but you gotta do what you gotta do. I have never had a host not comply when asked to remove a site for running exploits.

Hey, don't you guys protect yourself? Not a day goes by without I get a lot of warnings from my Norton Internet Security that a site is trying to write in my registry, mostly when I check galleries.

Sorry to be a nitpicker.... 8)

"Actually they dont need to be in a cab file. "
That's why I wrote "Just one method is a "

"there could be lots of things happening that you will never know about. "
That's why I wrote "ANYTHING can be ... done with your hard disk"

The potential damage is really only limited by the imagination of some of these people.

As far as I know, restricting the browser's activex and javascript permissions will protect your system from most web-based exploits. This, and regular scanning for viruses and trojans is the best way to stay safe IMHO.

This may seem as a very stupid question, but I need to ask... What does "IMHO" mean?

All I know is "LOL", "OMG", "ROFL" and "LMAO", it's not fair! LOL

http://bbs.adultwebmasterinfo.com/ubb/biggrin.gif

Should help you Pornwilly 8-)

http://www.k-e-n-t.dk/LOL.htm

Some funny acronyms there...lol http://bbs.adultwebmasterinfo.com/ubb/biggrin.gif
IANAL=I Am Not A Lawyer

<font face="Verdana, Arial" size="2">Originally posted by Arthur:
Should help you Pornwilly 8-)

http://www.k-e-n-t.dk/LOL.htm</font>

LOL, thanks Arthur. My word vocalbulary just expanded. http://bbs.adultwebmasterinfo.com/ubb/biggrin.gif

uummm... not to get off topic, but why on earth would you click a link that you KNEW to be CP in the first place?

Guys, go to Microsoft.com and get the critical updates for IE -- they've patched up most of the leaks that let Asher's scripts hook your boxes http://bbs.adultwebmasterinfo.com/ubb/smile.gif

<font face="Verdana, Arial" size="2">Originally posted by cynthia:
uummm... not to get off topic, but why on earth would you click a link that you KNEW to be CP in the first place?

</font>

Heh, the poster asked us to evaluate and report it.