Spam redirect

Printable View

Show 40 post(s) from this thread on one page

07-03-2021, 12:37 PM
D(C)

Quote:

Originally Posted by Thaleia

Wish this was being taken more seriously.

Same. How is this still going on?
07-03-2021, 02:38 PM
Thaleia

Now it's happening on my Android cell as well.

Mods - clearly your site has been compromised. Not only that, it is affecting individual users devices.

That's like, kind of a big deal, no?
07-03-2021, 02:52 PM
babybear

Spam redirect

I agree and I think it’s a big deal……apparently tgr not so much.
Wish there was more we could do as mods. it’s a pretty frustrating situation.
07-04-2021, 03:17 PM
Todd Zander

Seems to redirect more so when it detects a new ip address
07-04-2021, 03:24 PM
Danno

This has never happened to me on the app. So y'all should use the app, you know, the one that's no longer available on the Play store because??
07-04-2021, 08:50 PM
muted reborn

Quote:

Originally Posted by babybear

I agree and I think it’s a big deal……apparently tgr not so much.
Wish there was more we could do as mods. it’s a pretty frustrating situation.

guessing we are near the end of the tgr forums then?
07-04-2021, 10:54 PM
climberevan

Quote:

Originally Posted by Danno

This has never happened to me on the app. So y'all should use the app, you know, the one that's no longer available on the Play store because??

The old app has been working well for me on Android phone and tablet. I've also not noticed any issues on Firefox for Linux on the PC.
07-06-2021, 08:55 AM
billyk

Quote:

Originally Posted by muted reborn

guessing we are near the end of the tgr forums then?

As important as we all think we are,I can see how the TGR big-wigs might have a hard time justifying spending much time or money on the forums.

In addition to the dentists, doctors, and lawyers, we seem to have a fair number of internet experts hanging out here (not counting myself in any of those categories). Maybe we need to step up and fix it ourselves?

Maybe as a start, can someone who knows describe the mechanics of what is going on, and what needs to be done to fix or prevent it? I’ve read somewhere that it might be a JavaScript exploit - does that sound right? I tried disabling JavaScript, but then a lot of other stuff stopped working, so I turned it back on.
07-06-2021, 09:39 AM
pureantigravity

There is an error in the page somewhere. When cookies are disabled the iptrack site redirect happens. It should be fetching the IP for site configuration (regional differences) silently when cookies are disabled.

Test it. Go open the page in an incognito window. The site redirects. Now paste the address again. The site doesn't redirect. Stay in incognito and clear the tgr cookies. The site redirects again. Doesn't look malicious so much as an error in the coding causing it to not operate properly.

Google Chrome Lighthouse report also says it has a very old version of jquery running with lots of cross-site scripting (xss) vulnerabilties. That should be upgraded to the latest jquery.
07-06-2021, 10:35 AM
Danno

Quote:

Originally Posted by climberevan

The old app has been working well for me on Android phone and tablet. I've also not noticed any issues on Firefox for Linux on the PC.

Yeah, the app works fine for me. But apparently it's not available.
07-06-2021, 02:37 PM
climberevan

Quote:

Originally Posted by Danno

Yeah, the app works fine for me. But apparently it's not available.

It's readily available.

https://apkfun.com/TGR-Forums.html
07-07-2021, 08:20 AM
billyk

Quote:

Originally Posted by pureantigravity

There is an error in the page somewhere. When cookies are disabled the iptrack site redirect happens. It should be fetching the IP for site configuration (regional differences) silently when cookies are disabled.

Test it. Go open the page in an incognito window. The site redirects. Now paste the address again. The site doesn't redirect. Stay in incognito and clear the tgr cookies. The site redirects again. Doesn't look malicious so much as an error in the coding causing it to not operate properly.

Google Chrome Lighthouse report also says it has a very old version of jquery running with lots of cross-site scripting (xss) vulnerabilties. That should be upgraded to the latest jquery.

Thanks for the info. Gives me more experiments to try whenever I get some free time.
07-08-2021, 01:16 PM
Danno

Quote:

Originally Posted by climberevan

It's readily available.

https://apkfun.com/TGR-Forums.html

cool. just bumped the thread that said it was gone.
07-22-2021, 01:09 AM
HammySlapwagons

Quote:

Originally Posted by pureantigravity

Google Chrome Lighthouse report also says it has a very old version of jquery running with lots of cross-site scripting (xss) vulnerabilties.

Heh...I saw that too. Looks like if only affects sites under pretty specific criteria. Even though TGR has a jQuery version with that xss vulnerability, they might not be impacted. Or they might be. Hard to tell without going through the code. Regardless, this issue is still pretty fucking big, and it makes me question if there's something more malicious we're not seeing. Also, the lack of response from TGR is astonishing.
07-22-2021, 07:09 AM
Scrubadub

Fucking annoying

Show 40 post(s) from this thread on one page