Exploit Blackhat SEO (type 1703)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
When I visit the following site and click on any of the options/links AVG
reports a Web Shield Alert caused by Exploit Blackhat SEO (type 1703).
Does anyone else get this response? I have searched on Google and not really
come up with a clear answer.

http://www.kttchurch.org.uk /

--
Each time someone stands up for an ideal or acts to improve the lot of
others, or strikes out against injustice, he sends forth a little ripple of
hope.
Robert F. Kennedy



Re: Exploit Blackhat SEO (type 1703)

"Richard Head" wrote:

Quoted text here. Click to load it

No need to search google, just look at the raw html of the pages.
There's a mass of hidden links at the bottom of each of them.
Whoever's running that server should fix the vulnerability that
enabled all that crap to be injected. You might want to tell them
about it.

Server: Apache/2.0.63 (FreeBSD) mod_python/3.3.1 Python/2.5.1
 PHP/5.2.6 with Suhosin-Patch mod_fastcgi/2.4.6 mod_ssl/2.0.63
 OpenSSL/0.9.7e-p1 DAV/2 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.6



Re: Exploit Blackhat SEO (type 1703)


| "Richard Head" wrote:

Quoted text here. Click to load it


| No need to search google, just look at the raw html of the pages.
| There's a mass of hidden links at the bottom of each of them.
| Whoever's running that server should fix the vulnerability that
| enabled all that crap to be injected. You might want to tell them
| about it.

| Server: Apache/2.0.63 (FreeBSD) mod_python/3.3.1 Python/2.5.1
|  PHP/5.2.6 with Suhosin-Patch mod_fastcgi/2.4.6 mod_ssl/2.0.63
|  OpenSSL/0.9.7e-p1 DAV/2 mod_perl/2.0.4 Perl/v5.8.8
| X-Powered-By: PHP/5.2.6



Thanx Ant.

A WGET download of the INDEX.HTM submitted to VT shows nothing as well as
JSUnpack and
Wepawet and I don't see malwicious code.  Just the appnded URLs as you noted.

So is this AVG and its webcrawler component going out to the web site and saying
the web
site is Exploitable for the 'Blackhat Search Engine Optimization (SEO)' ?

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Exploit Blackhat SEO (type 1703)

"David H. Lipman" wrote:

Quoted text here. Click to load it

I doubt if it actively tests sites. It's probably just scanning the
page when accessed for suspicious content; in this case, a lot of
hrefs after the closing html tag.



Re: Exploit Blackhat SEO (type 1703)

Quoted text here. Click to load it

Thanks for that. Are you saying that the site has been hacked? I have tried
clicking on Contacts to notify them of the problem but of course all I get
is the AVG Alert warning.



Re: Exploit Blackhat SEO (type 1703)

"Richard Head" wrote:

Quoted text here. Click to load it

Yes.


Well, ignore it or temporarily turn it of. The hidden content won't
hurt you.



Re: Exploit Blackhat SEO (type 1703)

Quoted text here. Click to load it

Their "contacts" php page is also affected.
hxxp://www.kttchurch.org.uk/pages/home/contact-us.php



Re: Exploit Blackhat SEO (type 1703)

On 7/5/2013 6:07 AM, trevor@world-markets.biz wrote:
Quoted text here. Click to load it
and there is nothing wrong with it.. looks to me as if AVG are not as  
good at this
Quoted text here. Click to load it

AVG isn't that great of an A/V in general

Re: Exploit Blackhat SEO (type 1703)

On Monday, November 15, 2010 12:44:28 PM UTC-7, Richard Head wrote:
Quoted text here. Click to load it


http://www.webtec-braun.com/seoplugin/?p=38403

Is this link about considered Black Hat Seo?

Re: Exploit Blackhat SEO (type 1703)

Best BlaCK hAT fORUM.


GET MUCH MORE

http://bestblackhatforum.eu/index.php

Site Timeline