Last night I saw an article about how Macquarie University’s website was hacked.
So I found a security website that had cached a copy of the hacked website, and I saved the HTML into an HTML file in NetBeans so I could re-create the web page to show others.
In the HTML that I saved, there was this reference to some image on the website…
I tried right-clicking on the image to save a local copy, but FireFox didn’t allow me to do this.
What I would like to know is, “Is it possible that the URL above is to one of the Hackers servers, and thus maybe carried a dangerous payload that I could have somehow picked up while originally viewing the cached website on this intermediary website, or while viewing the page - and images - again from my local copy?!”
I am on a Mac, but nonetheless, I am sort of regretting doing what I did…
Thoughts??
Sincerely,
Debbie
P.S. Here is a partial screen-shot from the code I copied and placed into a local HTML file… (I did this mainly because the original was a few pages, and so there was no easy way to do a “screen-shot”…)
From what I can gather, ggpht.com is an image repository used by Picasa and the like. It can’t be opened in a browser directly, chrome returns a 404.
The sub-domains lh6 lh5 lh4 etc appear to represent different world regions, according to some info I found. Anyway, bottom line is, I don’t think it’s a link to anything nasty.
Check for links to any other remote sites, especially in the javascript, if there is any. That’s where any malicious stuff is likely to be.
As a footnote, and at the risk of being bombarded by protesting mac users, I don’t think being on a mac offers any more protection against malicious code than being on a pc. Just an opinion, based on something I read a while back.
BTW, why can’t I right-click and save the two images on that website?
Check for links to any other remote sites, especially in the javascript, if there is any. That’s where any malicious stuff is likely to be.
Yeah, that much I know.
As a footnote, and at the risk of being bombarded by protesting mac users, I don’t think being on a mac offers any more protection against malicious code than being on a pc. Just an opinion, based on something I read a while back.
Regards
I think Macs are safer, but that doesn’t mean they are completely free of weaknesses or people who want to hack them.
Normally I am pretty careful about what I save, but I just found the hacking of that website so - in your face!! - that I wanted to keep a copy for myself and to show others how dumb companies and institutions can really be?!
As far as the image is concerned, I guess you could “save for web”, which would probably strip out any nastiness in it … although I doubt there’s any issue with it.
I do find the turning off JS quite funny. I was asked to do a gallery site at one point, and the client was adamant that the pictures had to be protected by one of those JS scripts. She showed me an example site, and it took me less than a second to turn off JS and download the images. Her shoulders sank, and she never asked for this again.
A slightly more realistic approach to the problem is the one used by this site, for example (not one of mine :)). The first time you right-click, it brings up a copyright warning message, but once you’ve closed that, the normal right-click functions are restored.
I guess that’s a better approach, although it doesn’t seem people care much these days. Might be better to play on superstitions … like—“You will be cursed and die in seething agony within the week … Muahahahaha” sort of thing.
The most effective way I have found for protecting images from being copied via the context menu is to place a transparent image in front of them so that the transparent image is the one that gets copied instead of the real one. By the time they realise they got the wrong images at least some will not bother going back to steal the images a different way - such as by saving the entire page and then copying the images from there.
That’s better, of course, because some people would actually believe it.
When I first allowed my router to broadcast a wireless signal, I changed its broadcast name to VirusPortal (or something like that) to dissuade others from trying to use it. In the end, it felt too mean, and I changed it, because I didn’t want to freak innocent people who might get worried that their computer was in danger.