• WARNING MALLERS! •

Submitted by Soldier on Fri, 16/07/2010 - 5:12pm
want2beme was cookie grabbed. So if you have him in your mall code or whatever delete him ASAP. His shop has a broken j@vascript code in it.. it could work to steal cookies. Just a warning.... His shop size is 1000+ So who knows if he is in a mall or not.
Forums: 
Neopets Misc
  • 16072 reads

Yep. I'm iside it and seeing if i can find a way to block it. noscript probably wont work ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Fri, 16/07/2010 - 5:34pm |

[quote=saudor]Yep. I'm iside it and seeing if i can find a way to block it. noscript probably wont work ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color][/quote] I honestly think it doesn't even work. if you go to the site it will steal your cookies but the code doesn't re-direct you or transfer you to another shop or something. And also dmitri i need a little help with PHP :) Care to help?! ----------------------------- [color=green]NEW MAIN MARKET MALL! Click [url=http://neopets.com/~kluioa]here[/url] to view openings!![/color]
______________________________________ [color=#303030]Get protection from Cookie Grabbers: /~Punchback_bob [/color]
Soldier | Fri, 16/07/2010 - 5:36pm |

i'm verifying that now. I uploaded a fake cookie.php file onto this server and changed the embedded url to point to neomallers and reloaded the page (it's a special feature of opera to be able to refresh the page after editing source) Im not getting a hit on neomaller's server so it might not work after all. However, it might work with IE since that browser likes to process weird code. Plus i dont remember the + sign working in FF based browsers either Attached is the code EDIT: Just confirmed viewing the hut (120) is safe. CSS isnt working properly from it ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Fri, 16/07/2010 - 5:39pm |

[quote=saudor]i'm verifying that now. I uploaded a fake cookie.php file onto this server and changed the embedded url to point to neomallers and reloaded the page (it's a special feature of opera to be able to refresh the page after editing source) Im not getting a hit on neomaller's server so it might not work after all. However, it might work with IE since that browser likes to process weird code. Plus i dont remember the + sign working in FF based browsers either Attached is the code ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color][/quote] The width is not needed so you don't need to add that.. I think I'm postive if you execute a JS code between style tags it wont work. But that code is very odd so it might alter all the filters. ----------------------------- [color=green]NEW MAIN MARKET MALL! Click [url=http://neopets.com/~kluioa]here[/url] to view openings!![/color]
______________________________________ [color=#303030]Get protection from Cookie Grabbers: /~Punchback_bob [/color]
Soldier | Fri, 16/07/2010 - 5:42pm |

Actually you can :P But only under Internet Explorer if i remember correctly. But when i tried it on this server, the server didnt log a hit. Unfortunately i cant try it out on IE since that would require me to actually post that code to neopets, which would get me iced :P ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Fri, 16/07/2010 - 5:44pm |

Well for a link to be displayed in the shop front, are you sure it doesn't have some code to stop re-directing and be a "silent" code as in you don't notice anything? The ripway site itself is known for cookie grabbers. So who knows what's on that page. (I'm not going to it..lol) ----------------------------- [color=green]NEW MAIN MARKET MALL! Click [url=http://neopets.com/~kluioa]here[/url] to view openings!![/color]
______________________________________ [color=#303030]Get protection from Cookie Grabbers: /~Punchback_bob [/color]
Soldier | Fri, 16/07/2010 - 5:49pm |

I always used the JS tags But i remember it's like ... ----------------------------- [color=green]NEW MAIN MARKET MALL! Click [url=http://neopets.com/~kluioa]here[/url] to view openings!![/color]
______________________________________ [color=#303030]Get protection from Cookie Grabbers: /~Punchback_bob [/color]
Soldier | Fri, 16/07/2010 - 5:48pm |

It's displayed only from the hut, like every other css code within style tags. Basically that code seems to load that as an "image" but obviously it's not an image. What I dont exactly get is how the domain name issue with cookies is bypassed. Obviously, that is a php file so i cant peak at the source unlike the one last year ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Fri, 16/07/2010 - 5:48pm |

[quote=saudor]It's displayed only from the hut, like every other css code within style tags. Basically that code seems to load that as an "image" but obviously it's not an image. What I dont exactly get is how the domain name issue with cookies is bypassed. Obviously, that is a php file so i cant peak at the source unlike the one last year ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color][/quote] You can re-direct page using an image code. ..... Not sure how to do it right.. LOL Some how your site code blocks it. But you can do it.. Go here: They use the code.. www.cheatsneopets.com/avatars.php ----------------------------- [color=green]NEW MAIN MARKET MALL! Click [url=http://neopets.com/~kluioa]here[/url] to view openings!![/color]
______________________________________ [color=#303030]Get protection from Cookie Grabbers: /~Punchback_bob [/color]
Soldier | Fri, 16/07/2010 - 5:57pm |

oh yeah that;s right. p.s. what php help did you need? ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Fri, 16/07/2010 - 5:57pm |

Pages