+ Reply to Thread
Results 1 to 8 of 8

Thread: Issue with website and not be able to click on any link

  1. #1
    Member
    Join Date
    May 2020
    Location
    Sydney, Australia
    Posts
    37

    Issue with website and not be able to click on any link

    Hi there,

    We have this where all links could not be clicked. We investigate this by looking at the modified date and found that all javascript (.js) files are tempered with this at the end of the file with this extra codes:

    Code:
    Only registered members can view the code.
    With the help from https://matthewfl.com/unPacker.html and it translate into:

    Code:
    Only registered members can view the code.
    The code is suspicious.

    At this stage, we go through all js files and removed this line. BUT my question how the attacker can insert this line of extra code? Originally, we thought it was hosting site (CPanel) BUT then we moved to dedicated virtual machine and it's pretty secure so it looks like it's a code itself potentially.

    The version that we have is Flynax 4.8.2.

    We also document this on our blog: https://dewapost.com/2022/04/23/expl...n-the-website/

    Any feedback or anything, we are appreciated it.

    Thanks,
    DCPartners
    Last edited by dcpartners; June 4, 2022 at 12:58 AM.

  2. #2
    Flynax developer Rudi's Avatar
    Join Date
    Dec 2014
    Location
    Planet Earth
    Posts
    3,138
    Hello,

    It seems that there is some software (probable Web Security Cloud) installed on your server for web protection that adds this code to your files

    you can ask your hosting for more info

  3. #3
    Member
    Join Date
    May 2020
    Location
    Sydney, Australia
    Posts
    37
    Quote Originally Posted by Rudi View Post
    Hello, It seems that there is some software (probable Web Security Cloud) installed on your server for web protection that adds this code to your files. you can ask your hosting for more info
    Hi Rudi, that's the thing. We didn't deal with the web security cloud - we don't think it's legit or potentially get hack. How do we secure the permission on this Flynax?


    Also, there are 600+ JS files and it will take a while to update this. We are thinking to get the Flynax 4.8.2 original version. Where can I download this?



    Thanks.
    Last edited by dcpartners; June 5, 2022 at 12:22 AM.

  4. #4
    Quote Originally Posted by dcpartners View Post
    Hi Rudi, that's the thing. We didn't deal with the web security cloud - we don't think it's legit or potentially get hack. How do we secure the permission on this Flynax?


    Also, there are 600+ JS files and it will take a while to update this. We are thinking to get the Flynax 4.8.2 original version. Where can I download this?



    Thanks.
    You can download 4.9.0 and 4.8.2 here:
    https://www.flynax.com/downloads.html

    Just login to your account and choose the version you want

  5. #5
    Senior Member
    Join Date
    Sep 2019
    Location
    Australia mate.
    Posts
    164
    Interestingly, when I tried to access the URL web-security.cloud from Australia, I'm presented with a legal message saying it is blocked. Which is likely why your links are all dead now?

    "Unavailable For Legal Reasons [Недоступно по юридическим причинам]
    This request may not be serviced in the Europe, Great Britain, Australia, Asia, North America and South America regions due to the Interpol Legal Policy, which disallows access to resources hosted by NortonLifeLock Inc and Symantec Inc for open access. [Этот запрос не может быть обслужен в Европе, Британских Островах, Австралия, Азия, Северной Америке и Южной Америке согласно Правовой Политике Интерпола, которая запрещает доступ к ресурсам, размещённым компаниями NortonLifeLock Inc и Symantec Inc]"

  6. #6
    Member
    Join Date
    May 2020
    Location
    Sydney, Australia
    Posts
    37
    Quote Originally Posted by Graham Jupp View Post
    Interestingly, when I tried to access the URL web-security.cloud from Australia, I'm presented with a legal message saying it is blocked. Which is likely why your links are all dead now?

    "Unavailable For Legal Reasons [Недоступно по юридическим причинам]
    This request may not be serviced in the Europe, Great Britain, Australia, Asia, North America and South America regions due to the Interpol Legal Policy, which disallows access to resources hosted by NortonLifeLock Inc and Symantec Inc for open access. [Этот запрос не может быть обслужен в Европе, Британских Островах, Австралия, Азия, Северной Америке и Южной Америке согласно Правовой Политике Интерпола, которая запрещает доступ к ресурсам, размещённым компаниями NortonLifeLock Inc и Symantec Inc]"
    Correct. The browser somehow redirects to web-security.cloud and opens up random sites. We managed to remove all codes and took a while to do this. BUT it's not guaranteed - this will come back again. That's why I am curious about how the attacker can append these codes at the end of each .js file.
    Last edited by dcpartners; June 8, 2022 at 05:10 AM.

  7. #7
    Member
    Join Date
    May 2020
    Location
    Sydney, Australia
    Posts
    37
    Quote Originally Posted by Wei Hong View Post
    You can download 4.9.0 and 4.8.2 here:
    https://www.flynax.com/downloads.html
    Just login to your account and choose the version you want
    Hi Wei, thanks for this. Am I eligible to upgrade from 4.8.2 to 4.9.0 by running a patch?

  8. #8
    Quote Originally Posted by dcpartners View Post
    Hi Wei, thanks for this. Am I eligible to upgrade from 4.8.2 to 4.9.0 by running a patch?
    Hi dcpartner,

    Absolutely you can, you could check this guide too to make sure everything works
    https://forum.flynax.com/showthread....ersion-Upgrade

+ Reply to Thread