Thursday, October 05, 2006

Podomatic Vulnerability Enables Spammer Redirects

Here's another instance in a rash of reported vulnerabilities in member registration pages being spammed. Never heard of Podomatic before but it appears the spammers sure have and some nitwit registered as a member called Valium to do his spamming.

The link to the member's site is:
The javascript redirect code appears to be this shit embedded in the memberpage:
var mbht872 = 'on=';
var bikmr354 = 'qiqyi199';
var zlh171 ='ment';
var k97='.lo';
var ydxglyjedai737='ti';
var bmmp211='docu';
var mzcra833='';
var ertmj632='valium';
var qiqyi199 = 'ca';
var lflx482='"';
if(bikmr354 = 'qiqyi199')eval(bmmp211+zlh171+k97+qiqyi199+ydxglyjedai737+mbht872+lflx482+mzcra833+ertmj632+lflx482);
Just goes to show you that if you don't secure your sites some spammer will abuse it but people just don't listen.


Anonymous said...

Thanks for pointing this out, I've closed the hole.


Anonymous said...

Maybe it's more than people don't care than they don't listen. Not everyone is obsessed with making the internet a perfect place... some people deal with issues in the real world.

IncrediBILL said...

Well, that's a nice theory as spoken by someone that sounds like a spammer, but the post above yours was from someone at Podomatic that fixed the issue.

You just keep being delusion as web spam is getting the boot.