java questions

[kryptkat]

What does this do?

LINK="#number" VLINK="#number" ALINK="#number" onload="top.window.location=('http://signups.website.com/hit.php?w=number&s=number&p=number')

link? vlink? alink? in java? for security reasons i changed the numbers to the word number. and the website.

What does this do?

<a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID= 404&cat=web&os=&over=&hrd=&Optnumber=&Optnumber=&O ptnumber=" target="_blank">Microsoft Support</a>

brings up a redirect.asp page from microandsoft? why?

What does this do?

<form method=POST action=/folder/filecgi.exe>

This slips a prog on to your computer? or post your data to their computer?

What does this do?


<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns="urn:schemas-microsoft-comfficeffice" xmlns="http://www

Does this bring up a template from microandsoft and summit it to the xmlns website?

What does this do?

{ behavior: url(#default#VML) }





what should i be looking for to find out how i got hijacked? a redirect type page? a form that posts and loads a file on this computer? links with numbers? asp pages with question marks then equals ?


tia

-kk

[7smurfs]

[code] LINK="#number" VLINK="#number" ALINK="#number"[/quote]Link# = the color of a non-visited link.
VLink# I believe is the color of a link you just clicked on
ALink# I believe is the color of a link after you have visited it.

Also the first stuff you posted was Javascript I bet, and not Java.

Code:

<form method=POST action=/folder/filecgi.exe>

I would assume it means the filecgi.exe file is launched when you do whatever you need to do when you complete the form.

Code:

<a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=404&cat=web&os=&over=&hrd=&Optnumber=&Optnumber=&Optnumber=" target="_blank">Microsoft Support</a>

That redirects you to a page based upon the variables listed in the URL I presume.

Code:

<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns="urn:schemas-microsoft-comfficeffice" xmlns="http://www

Looks like an XML template, but I'm not sure.

Code:

 { behavior: url(#default#VML) }

Couldn't tell you; possibly Javascript or CSS?

Feel free to correct me if I'm wrong on any of this. I don't think too much of that is at all dangerous. Possible the form one, but I think that only launches the program on the server side.

[kryptkat]

thank you

they were all taken from suspect webpages.

[xErath]

What does this do?
LINK="#number" VLINK="#number" ALINK="#number" onload="top.window.location=('http://signups.website.com/hit.php?w=number&s=number&p=number')

link? vlink? alink? in java? for security reasons i changed the numbers to the word number. and the website.

link is the color for not visited links
vlink is the color for visited links
alink is the color for clicks in which you click
onload redirects the current page to that url after loading completes

<a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID= 404&cat=web&os=&over=&hrd=&Optnumber=&Optnumber=&O ptnumber=" target="_blank">Microsoft Support</a>

brings up a redirect.asp page from microandsoft? why?

that a simple link like this one, which opens in a new window

<form method=POST action=/folder/filecgi.exe>
This slips a prog on to your computer? or post your data to their computer?

It declares a region in a html document which will have lots of input filed (listboxs, textares input files...) including a submit button (or not). After pressing the submit button the data inside the form willl be sent to the server. post means that data is invisible to the user when sending. There's also get, in which all data is appended to the url. and example of a form like that one it the 'new thread' or 'reply to thread' forms here on this forum.

<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns="urn:schemas-microsoft-comfficeffice" xmlns="http://www

Does this bring up a template from microandsoft and summit it to the xmlns website?

<html> is the starting tag of any html document, after the right DOCTYPE.
the standard defines this
<html xmlns="http://www.w3.org/1999/xhtml">
go to the url http://www.w3.org/1999/xhtml and check it out

it nothing more than a namespace where html/xhtml document type declaration can be found

I'd advise some serious reading
http://www.w3schools.com/
http://www.w3schools.com/tags/tag_html.asp

nothing in that code is harmfulll, nor will html ever be.
I'd be very stupid if the html standard defined tags for

Code:

<download_malicious_file_and_install_crap> 
<crash_browser>

What does this do?

{ behavior: url(#default#VML) }

it's IE specific coding, for support with vml.. some strange stuff, which is harmless

what should i be looking for to find out how i got hijacked? a redirect type page? a form that posts and loads a file on this computer? links with numbers? asp pages with question marks then equals ?

mostly javascript and mostly ActiveX controls, which are javascript managed to. and javascript browser sniffing.
90% of webmasters are too dumb to make standard compliant web pages, so they sniff for browsers to send browser specific code, which only does crap

[kryptkat]

Thank you for the web site w3. basic html tags some of it i know. i did not know what to look up css java html javascript. that makes more sense now. some of it i had an idea what it did but was not sure. been reading.

[major_small]

I second xErath. he was right on every one of those. a 'browser hijacking' is nothing to worry about. all it was was some line of code that chaned your homepage. they got no other information unless they left a cookie, then they might be able to track where you go when you're online. I suggest you just get some kind of spyware scanner like spybot S&D or ad aware. the best way to go would be to get both and use them both.

[xErath]

I second xErath. he was right on every one of those. a 'browser hijacking' is nothing to worry about. all it was was some line of code that chaned your homepage. they got no other information unless they left a cookie, then they might be able to track where you go when you're online. I suggest you just get some kind of spyware scanner like spybot S&D or ad aware. the best way to go would be to get both and use them both.

Or use an alternative browser like Opera (my serious advise) or Firefox (with interface much like IE). Opera currently is the single browser with no know security problems. And it has lots of usefull discret features.
http://secunia.com/product/4932/
http://secunia.com/product/4227/

[major_small]

I was going to say that, but didn't want to start a flame war... but firefox is better :P

opera will have it's security problems eventually... I'm not surprised that a browser with less than 2% of the market hasn't had any problems yet... as opposed to firefox, which has over a quarter of the market under it's belt, making it the second most popular browser under IE6