https://springfiles.com/ is compromised?

https://springfiles.com/ is compromised?

Discuss your problems with the latest release of the engine here. Problems with games, maps or other utilities belong in their respective forums.

Moderator: Moderators

Post Reply
User avatar
The Yak
Posts: 351
Joined: 20 May 2012, 05:36

https://springfiles.com/ is compromised?

Post by The Yak »

Trying to load unauthenticated scripts and sketchy textwall appearance.
abma
Spring Developer
Posts: 3798
Joined: 01 Jun 2009, 00:08

Re: https://springfiles.com/ is compromised?

Post by abma »

can you provide details? (screenshot / urls / filenames of the scripts)

i don't see what you mean...


i don't maintain the page, jj does/did: the accesses to google look weird. I guess i'll add Access-Control-Allow-Origin and/or a Same-origin policy.
User avatar
The Yak
Posts: 351
Joined: 20 May 2012, 05:36

Re: https://springfiles.com/ is compromised?

Post by The Yak »

It seems to be normal now.
User avatar
Jonny5isalivetm
Posts: 186
Joined: 04 Jul 2006, 02:43

Re: https://springfiles.com/ is compromised?

Post by Jonny5isalivetm »

I got a similar bogus message while trying to load spring files recently.. again mustve been some sort of script andit loaded some crapware page your computer infected blabla

Perhaps the site is infected..
User avatar
The Yak
Posts: 351
Joined: 20 May 2012, 05:36

Re: https://springfiles.com/ is compromised?

Post by The Yak »

It happened again. Springfiles redirected to this thing:
Image
Attachments
springfileserror2.jpg
(293.06 KiB) Not downloaded yet
raaar
Metal Factions Developer
Posts: 1094
Joined: 20 Feb 2010, 12:17

Re: https://springfiles.com/ is compromised?

Post by raaar »

!

I saw the above page too. It shows a popup.

Image

it's the second time today, but in the meantime I used the site just fine.
Attachments
springfiles_borked.jpg
fake security warning
(228.18 KiB) Not downloaded yet
User avatar
Jonny5isalivetm
Posts: 186
Joined: 04 Jul 2006, 02:43

Re: https://springfiles.com/ is compromised?

Post by Jonny5isalivetm »

yea I got that same page I got past it with a page reload then springfiles worked normally
abma
Spring Developer
Posts: 3798
Joined: 01 Jun 2009, 00:08

Re: https://springfiles.com/ is compromised?

Post by abma »

i've enabled several security headers in apache:

Header set Access-Control-Allow-Origin "https://springfiles.com"
Header set X-XSS-Protection "1; mode=block"
Header set Content-Security-Policy "default-src 'self';"
and found a lot of .php files modified / reverted these changes via git.

also i've deleted / disabled A LOT of drupal modules: this doesn't fix the real cause of the problem but should reduce the risk a lot.

not very satisfactory but should work for now. :(
User avatar
Forboding Angel
Evolution RTS Developer
Posts: 14673
Joined: 17 Nov 2005, 02:43

Re: https://springfiles.com/ is compromised?

Post by Forboding Angel »

Make sure you are running the latest version. Don't skimp on updates.
User avatar
PicassoCT
Journeywar Developer & Mapper
Posts: 10450
Joined: 24 Jan 2006, 21:12

Re: https://springfiles.com/ is compromised?

Post by PicassoCT »

Dear god, a leprosy case.

impure,
IMPURE,
IMPURE!

This all happend because you touch yourself at night and do not donate to the picasso foundation!
Post Reply

Return to “Help & Bugs”