King’s Bounty HeroScreen interactive guide

[dzeris]

Quote:

Originally Posted by Metathron

AVG says page is fine.

What is wrong with this picture?


Excluding the part where I allow to execute malicious javascript. I don't care what antiviruses say about site. I just look at page source and from that source I can tell that site is infected. sn[edit]sh.ru site randomly fails. Your antivirus might be silent, because infection page fails. Site might be failing now, but if it is not desinfected, one day it won't fail and some user will be infected. If I had to exploit some vulnerability, I would check for vulnerability before loading exploit and would not load it for not vulnerable clients.

Exploit is working for Erkilmarl, because his or her browser is vulnerable.

[Erkilmarl]

Thanks, dzeris. Can you do the same checking for the other site?

[dzeris]

Quote:

Originally Posted by Erkilmarl

Thanks, dzeris. Can you do the same checking for the other site?

You can do that yourself. Any normal browser has option to view page source.

In my screenshot used browser is variation of Mozilla Firefox with Firebug, Flashblock, Noscript and some other add-ons. Lower window part is Firebug display of actual page code after javascript is executed.

If you have problems reading page source or noticing anomalies in it, give me site address in private.

"HeroScreen for King’s Bounty: The Legend" link is also infected. Same obstructed javascript in linked swfobject.js script.