
Hotel WiFi JavaScript Injection (2012)


So I’m checking my blog on the hotel wifi, like ya do, and I notice something a little off with the style. There’s a dark colored bar at the top of the page that shouldn’t be there.

Screenshot of Justinsomnia with weird bar circled in red

I probably wouldn’t have thought much of it, except my blog had recently been hacked (someone had gained elevated access to my web hosting account and prepended every single PHP file with a base64 encoded rootkit), so I immediately decided to view the source.

For the non-web-developers reading, the most salient bits to note above are the prefix “rxg” in the CSS and the URL http://adsmws.cloudapp.net/user/advnads20.js pointing to a packed external JavaScript file that looked very suspicious.

Ronen Isaac (coincidentally of Wlan Mall) appears to have taken down the Vimeo video (I had previously embedded above) that I thought did such an excellent job describing how the Revenue eXtraction Gateway worked.
