How to know if pages have bad codes? [Solved ]

For discussions about security.
Post Reply
Message
Author
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

How to know if pages have bad codes? [Solved ]

#1 Post by nooby »

I tested a Operating System that is totally new to me.
They had included in Firefox automatic start of pages
that none of the other OS start up automatically.

This page mention something about "Fanboy" and
I just shut it down and rebooted so I don't know what
it was about could it have had dangerous codes ?

How can one find out such in a safe way? I think it would be
not ethical and maybe against the rules too to give link here.

So how can we find this out together if it is just innocent
or something nasty?

I found the OS by reading on internet and now I don't
remember where. Maybe on Linuxforums but not sure.

So I want to find someone that are good at security
that wants to look at it. So I send the link in PM to
him or her.
Last edited by nooby on Sat 21 Jan 2012, 21:24, edited 1 time in total.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Dave_G
Posts: 453
Joined: Thu 21 Jul 2011, 13:53

#2 Post by Dave_G »

nooby wrote:
They had included in Firefox automatic start of pages
If the developer/s wanted to send info or get info from you, a web browser
is not needed at all and in fact would only raise suspicion.
Other ways they could get/send info to you would be starting a server
at bootup on your machine or even opening ports.

Anyway, a simple way to see if a webpage has nasty code is simply to download it
using wget to a harmless text file.

Something like this:
wget -q -O - http ://Somewebpage.html > /root/SomeWebpage.txt

Once the webpage is downloaded, open the saved text version with Geany
or similar and inspect the code.
This assumes that you are familiar with html and scripting like Javacript.

You can also use curl to get the page and again save it as a text file.
The nice thing about curl is that it let's you set whatever user-agent you
want so you could set it to report something interesting.
I leave it to your imagination :-)

See:
http://linux.about.com/od/commands/l/blcmdl1_curl.htm
http://curl.haxx.se/docs/httpscripting.html

Yet another way to "see" what data is being sent/received from the machine
with the new OS is to connect it via another machine with two network cards
and running WireShark to capture all packets.
The machine with the two network cards connects between the router
and the machine you want to peek at.
Normally this would be considered very unethical (if you did it to someone else's machine)
but since they are both your machines, no problem.

User avatar
saintless
Posts: 3862
Joined: Sat 11 Jun 2011, 13:43
Location: Bulgaria

#3 Post by saintless »

Nooby, when you open Firefox just choose Edit --> Preferences --> General --> and change Show My Home page to Show Blank Page and delete bellow the Home page text (URL).

I think this Fanboy page is for local language settings but I haven't test it.

Make Firefox to show blank page and your problem is gone.

User avatar
Dave_G
Posts: 453
Joined: Thu 21 Jul 2011, 13:53

#4 Post by Dave_G »

Good advice saintless but keep in mind that the web browser can still
be started at any website by calling it via a script (e.g. in startup)

In Puppy4.3.1 we can do it like this from the CLI:

mozstart http://www.murga-linux.com/puppy
Or via a Bash script:

#!/bin/bash
# put this script in /root/Startup and Seamonkey/Firefox will start when you boot up.
mozstart http://www.murga-linux.com/puppy &

The syntax might be different for different versions/distros but
it still shows that a web browser can be started at any webpage
irrespective on what we have set the home page to.

User avatar
saintless
Posts: 3862
Joined: Sat 11 Jun 2011, 13:43
Location: Bulgaria

#5 Post by saintless »

Thanks for this information, Dave_G. I learn something new every time I read your posts :)
I hope clearing the default home page will do the trick for Nooby.

User avatar
James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#6 Post by James C »

The "fanboy" page is very probably the selection page of the Fanboy list for Adblock.

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#7 Post by Barkin »

''Fanboy's List'' is a filter subscription on adblockplus, which is updated weekly.

Different advert blocking lists are available for different regions of the globe.
Attachments
''Fanboy's List'' is a filter subscription on adblockplus.png
(15.88 KiB) Downloaded 492 times
Last edited by Barkin on Sat 21 Jan 2012, 21:53, edited 1 time in total.

User avatar
saintless
Posts: 3862
Joined: Sat 11 Jun 2011, 13:43
Location: Bulgaria

#8 Post by saintless »

Nooby, here is a screenshot from yours Fanboy page:
http://i39.tinypic.com/2uze04l.png
James C and Barkin are right.
Attachments
Screenshot.png
Fanboy page screen shot.
(76.17 KiB) Downloaded 426 times

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#9 Post by nooby »

James C wrote:The "fanboy" page is very probably the selection page of the Fanboy list for Adblock.
And Barkin.

Jay that must be the correct answer. Then it is not
something bad at all. It is a feature of the addon Adblock

Duh it shows that I truly am a Noob and not the expert or
internet that my neighbors think I am :)

Sorry for all the fuss hope it help somebody else being
as surprised as I got.

I guess I ahve read about how hated the Microsoft Fanboys
are by the Apple Fanboys and vice versa so I got the wrong
idea what it was all about.

So much appreciated you guys sorted it out.

Thanks to all who have participated. I set it as solved.
I use Google Search on Puppy Forum
not an ideal solution though

amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#10 Post by amigo »

Congratulations -a nooby thread with 'Solved' in the title!

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#11 Post by nooby »

One can't expect too much from a confused Nooby I guess.
I am happy he is still alive. Alive but not kicking as we say :)
I use Google Search on Puppy Forum
not an ideal solution though

Post Reply