How to know if pages have bad codes? [Solved ]
How to know if pages have bad codes? [Solved ]
I tested a Operating System that is totally new to me.
They had included in Firefox automatic start of pages
that none of the other OS start up automatically.
This page mention something about "Fanboy" and
I just shut it down and rebooted so I don't know what
it was about could it have had dangerous codes ?
How can one find out such in a safe way? I think it would be
not ethical and maybe against the rules too to give link here.
So how can we find this out together if it is just innocent
or something nasty?
I found the OS by reading on internet and now I don't
remember where. Maybe on Linuxforums but not sure.
So I want to find someone that are good at security
that wants to look at it. So I send the link in PM to
him or her.
They had included in Firefox automatic start of pages
that none of the other OS start up automatically.
This page mention something about "Fanboy" and
I just shut it down and rebooted so I don't know what
it was about could it have had dangerous codes ?
How can one find out such in a safe way? I think it would be
not ethical and maybe against the rules too to give link here.
So how can we find this out together if it is just innocent
or something nasty?
I found the OS by reading on internet and now I don't
remember where. Maybe on Linuxforums but not sure.
So I want to find someone that are good at security
that wants to look at it. So I send the link in PM to
him or her.
Last edited by nooby on Sat 21 Jan 2012, 21:24, edited 1 time in total.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
nooby wrote:
is not needed at all and in fact would only raise suspicion.
Other ways they could get/send info to you would be starting a server
at bootup on your machine or even opening ports.
Anyway, a simple way to see if a webpage has nasty code is simply to download it
using wget to a harmless text file.
Something like this:
wget -q -O - http ://Somewebpage.html > /root/SomeWebpage.txt
Once the webpage is downloaded, open the saved text version with Geany
or similar and inspect the code.
This assumes that you are familiar with html and scripting like Javacript.
You can also use curl to get the page and again save it as a text file.
The nice thing about curl is that it let's you set whatever user-agent you
want so you could set it to report something interesting.
I leave it to your imagination
See:
http://linux.about.com/od/commands/l/blcmdl1_curl.htm
http://curl.haxx.se/docs/httpscripting.html
Yet another way to "see" what data is being sent/received from the machine
with the new OS is to connect it via another machine with two network cards
and running WireShark to capture all packets.
The machine with the two network cards connects between the router
and the machine you want to peek at.
Normally this would be considered very unethical (if you did it to someone else's machine)
but since they are both your machines, no problem.
If the developer/s wanted to send info or get info from you, a web browserThey had included in Firefox automatic start of pages
is not needed at all and in fact would only raise suspicion.
Other ways they could get/send info to you would be starting a server
at bootup on your machine or even opening ports.
Anyway, a simple way to see if a webpage has nasty code is simply to download it
using wget to a harmless text file.
Something like this:
wget -q -O - http ://Somewebpage.html > /root/SomeWebpage.txt
Once the webpage is downloaded, open the saved text version with Geany
or similar and inspect the code.
This assumes that you are familiar with html and scripting like Javacript.
You can also use curl to get the page and again save it as a text file.
The nice thing about curl is that it let's you set whatever user-agent you
want so you could set it to report something interesting.
I leave it to your imagination
See:
http://linux.about.com/od/commands/l/blcmdl1_curl.htm
http://curl.haxx.se/docs/httpscripting.html
Yet another way to "see" what data is being sent/received from the machine
with the new OS is to connect it via another machine with two network cards
and running WireShark to capture all packets.
The machine with the two network cards connects between the router
and the machine you want to peek at.
Normally this would be considered very unethical (if you did it to someone else's machine)
but since they are both your machines, no problem.
Nooby, when you open Firefox just choose Edit --> Preferences --> General --> and change Show My Home page to Show Blank Page and delete bellow the Home page text (URL).
I think this Fanboy page is for local language settings but I haven't test it.
Make Firefox to show blank page and your problem is gone.
I think this Fanboy page is for local language settings but I haven't test it.
Make Firefox to show blank page and your problem is gone.
Good advice saintless but keep in mind that the web browser can still
be started at any website by calling it via a script (e.g. in startup)
In Puppy4.3.1 we can do it like this from the CLI:
mozstart http://www.murga-linux.com/puppy
Or via a Bash script:
#!/bin/bash
# put this script in /root/Startup and Seamonkey/Firefox will start when you boot up.
mozstart http://www.murga-linux.com/puppy &
The syntax might be different for different versions/distros but
it still shows that a web browser can be started at any webpage
irrespective on what we have set the home page to.
be started at any website by calling it via a script (e.g. in startup)
In Puppy4.3.1 we can do it like this from the CLI:
mozstart http://www.murga-linux.com/puppy
Or via a Bash script:
#!/bin/bash
# put this script in /root/Startup and Seamonkey/Firefox will start when you boot up.
mozstart http://www.murga-linux.com/puppy &
The syntax might be different for different versions/distros but
it still shows that a web browser can be started at any webpage
irrespective on what we have set the home page to.
''Fanboy's List'' is a filter subscription on adblockplus, which is updated weekly.
Different advert blocking lists are available for different regions of the globe.
Different advert blocking lists are available for different regions of the globe.
- Attachments
-
- ''Fanboy's List'' is a filter subscription on adblockplus.png
- (15.88 KiB) Downloaded 492 times
Last edited by Barkin on Sat 21 Jan 2012, 21:53, edited 1 time in total.
Nooby, here is a screenshot from yours Fanboy page:
http://i39.tinypic.com/2uze04l.png
James C and Barkin are right.
http://i39.tinypic.com/2uze04l.png
James C and Barkin are right.
- Attachments
-
- Screenshot.png
- Fanboy page screen shot.
- (76.17 KiB) Downloaded 426 times
And Barkin.James C wrote:The "fanboy" page is very probably the selection page of the Fanboy list for Adblock.
Jay that must be the correct answer. Then it is not
something bad at all. It is a feature of the addon Adblock
Duh it shows that I truly am a Noob and not the expert or
internet that my neighbors think I am
Sorry for all the fuss hope it help somebody else being
as surprised as I got.
I guess I ahve read about how hated the Microsoft Fanboys
are by the Apple Fanboys and vice versa so I got the wrong
idea what it was all about.
So much appreciated you guys sorted it out.
Thanks to all who have participated. I set it as solved.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though