Page 1 of 1
Rdirect still happens even without javascript, meta disabled
Posted: Fri Jul 03, 2015 8:32 am
by Lars
I've tested with javascript disabled.
network.http.redirection-limit set to 0.
I'm using both adblock plus and noscript
This site is still able to initiate redirect cascade to malware sites.
(NSFW)
Code: Select all
http://www.pics-money.ru/6/65478/1/
Seems to be using php in some way but I can't find the code before it redirects.
Firefox debugger do not have a way to fully pause a webpage.
Re: Rdirect still happens even without javascript, meta disa
Posted: Fri Jul 03, 2015 5:05 pm
by barbaz
Install
NoRedirect and configure it to block all redirects?
(Regex: .*, check only "Source"; then maybe remove all builtin entries)
Also please be clearer what you mean by "redirect". Does it actually put you to a different webpage?
And what NoScript version are you running?
Re: Rdirect still happens even without javascript, meta disa
Posted: Sat Jul 04, 2015 10:17 am
by Lars
Please do not post live links to malware sites.
Sorry. I didn't know that site was considered to be a malware site. When posting links to malware sites should they be in a code tag?
Also please be clearer what you mean by "redirect". Does it actually put you to a different webpage?
Isn't that what a redirect is? I do not know of another term for what is happening.
The site after a few seconds to about a minute goes to another site which immediately in turn takes you to another site.
This hopping continues a few times and stops on some random malicious ad site.
The first redirect also removes the original site from the back/forward history so you can not go back via the back button.
I provided the url so you could observe it for yourself.
Install NoRedirect and configure it to block all redirects?
(Regex: .*, check only "Source"; then maybe remove all builtin entries)
That worked. Thank you.
Re: Rdirect still happens even without javascript, meta disa
Posted: Sat Jul 04, 2015 11:49 am
by therube
Kind of neat what they do there.
Code: Select all
<meta http-equiv="refresh" content="13; url=http://t i n y url.com/kp28xe9">
NoScript only blocks certain redirects (inside <NOSCRIPT> elements), & that is not.
You could have also set the Pref, accessibility.blockautorefresh, to 'True' but the extension gives you greater control.
Re: Rdirect still happens even without javascript, meta disa
Posted: Sat Jul 04, 2015 4:11 pm
by barbaz
Lars wrote:Sorry. I didn't know that site was considered to be a malware site.
Er, what? I made that edit because you yourself said that it was: (I've turned the quote blue)
Lars wrote:This site is still able to initiate redirect cascade to malware sites.
Redirect to malware sites, malware site... same thing in my view, even if the redirecting site was "just" hacked.
Lars wrote:When posting links to malware sites should they be in a code tag?
Doesn't matter how they're posted as long as they're not clickable hyperlinks. Preferably they'd be broken as well (i.e. httq instead of http) but I think it's not strictly necessary.
Lars wrote:Also please be clearer what you mean by "redirect". Does it actually put you to a different webpage?
Isn't that what a redirect is? I do not know of another term for what is happening.
Yep, but there are so many ways to do that, I was hoping you knew which (anyway, therube answered that question).
Lars wrote:That worked. Thank you.
You're welcome
