Jan 05

Adverlets being hacked!

Programming, announcement, flaw, hack, hot, tips, user interface, website Add comments

Today at 5.00p.m (GMT +8) i’m the first to notice adverlets being hacked by adbaaz.com (see whois). It’s not hard for me where have they hack advertlets.com. They have replace “http://apps.advertlets.com/adl-js/savvy/savvy.lite.animator.js” file into

if( cHeight <= 200 )
{
window.top.location = “http://www.adbaaz.com/?dn=apps.advertlets.com&flrdr=yes&nxte=js&prvtof=8b2VkUqfXDCVzkFKsQ1rPbXbLzl10g%3D%3D”;
}

How did they inject? have you heard AJAX injection?

SOLUTION
Remove temporarily your advertlets plugin until Advertlets make changes to their coding!

UPDATE AT 19:16: It’s not hard to determine who behind this adbaaz.com. I manage to get his other main website http://www.clckm.com/ and guess what! He is lousy programmer. I manage to find hole in his website!

Hack CLCKM

So I wonder, who the real hacker!!

MORE UPDATE AT 19:46 – After digging why everything is happen, I found something embarrassed about Advertlets.com DNS..
Advertlets DNS

Can’t see much? View on top pages.
Advertlets DNS expired

When DNS expired, it’s open port. Is that true? So People with high knowledge will utilize this weakness. Suddenly I realize.

WTF!! Advertlets don’t have enough money or they don’t implement project management carefully. WHAT A FLAW!!

written by ™ ķЯαž£ ™ \\ tags: , ,

3 Pings to “Adverlets being hacked!”

  1. Advertlets Alert | Make$ Money$ Blog - Truth, no scam Says:
    January 5th, 2008 at 1:56 pm

    [...] Kralz mentioned it on my blog. [...]

  2. Advertlets advertising network down, temporarily | Malaysia Technology Blog Says:
    January 5th, 2008 at 10:48 pm

    [...] Adverlets being hacked! [...]

  3. Advertlets Gambit or real problem? : Andrew Ooi Says:
    January 6th, 2008 at 1:20 am

    [...] blogs like Krazl even suggested that the site was hacked which was of course not. The ‘parked’ page [...]


5 Responses to “Adverlets being hacked!”

  1. 1. khairilhusni Says:
    January 5th, 2008 at 11:42 am

    are u sure advertlets had been hacked?

    I think domain was expired.
    This domain name expired on Jan 03, 2008

  2. 2. pandora-eye Says:
    January 5th, 2008 at 1:14 pm

    wow, is that true? guess ppl who use advertlets is affected. great discover there!

  3. 3. pandora-eye Says:
    January 5th, 2008 at 1:15 pm

    wow, is that true? guess ppl who use advertlets is affected. great discovery there!

  4. 4. admin Says:
    January 5th, 2008 at 7:01 pm

    At first I also suspect it was DNS expired, but as my experience, .js file shouldn’t be redirect to other pages. It should maintain to main website. But most of client redirect to adbaaz.com. That means someone quick enough to gain access open port. Hope this technicality could explain everything.

  5. 5. admin Says:
    January 6th, 2008 at 7:53 am

    Hi,
    At first I thought Web being hijack due to redirect, But further investigation (by referring to latest post – Please see update – below pages) reveal that DNS not renew by Advertlets. Please view http://www.krazl.com/blog/?p=41

    krazl
    http://www.krazl.com

Leave a Reply

You must be logged in to post a comment.

i3Theme sponsored by Top 10 Web Hosting and Hosting in Colombia

Alexa