Some nasty javascript command

Whatever you want here. Just make sure it's off topic. Which...I guess if the topic is being off topic, then it means you should be on topic. Understand?
Post Reply
Message
Author
User avatar
BlubBlab
Posts: 948
Joined: Fri Nov 30, 2012 11:33 pm
Location: My little Pony cafe

Some nasty javascript command

#1 Post by BlubBlab » Mon May 12, 2014 9:55 am

My old main AC in Neverwinter got hacked a few weeks ago, I got everything back but basically the support rolled-back my AC.
I don't know how they did find out my PW for the game but I know how they got into my Outlook E-Mail Ac which is needed when you want access the AC from a different PC(Mac-Address) .

I was a bit lazy I went to my outlook like every time putting ou in the browser-bar and click on want went on top in the browser history.
I got a message that through the fact that the heart bleed bug was out there new security measures were take like mobil-phone messages like in yahoo and I should re login.

I did take a look to the left side because this was "my" browser history not an e-mail. After a short search I found it is not mine , javascript can manipulate the browser history entirely (firefox).
https://developer.mozilla.org/en-US/doc ... er_history

So don't thrust your browser history.
Jack-of-all-trades, but master-of-only of a few :D

My Reps:
https://github.com/BlubBlab/Micromacro-with-OpenCV (My version of MM2 with OpenCV and for MS Visual Studio)
https://github.com/BlubBlab/rom-bot (rombot with no stop WP and advanced human emulation mode and some other extensions)
https://github.com/BlubBlab/Micromacro-2-Bot-Framework ( A work in progress )
My Tools : viewtopic.php?f=10&t=6226

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Some nasty javascript command

#2 Post by Administrator » Mon May 12, 2014 10:07 am

First thing I would suggest is to ditch Outlook. Use Thunderbird instead. It functions the same way, looks about the same, but is way more secure.

For your browser, use Adblock Plus and NoScript (Firefox) or ScriptNot (Chrome). That will block most browser-based attacks, plus annoying crap, and break most types of tracking. You would want to use a blacklist and only whitelist domains you know are fine. Of course many people find this annoying since you have to allow Javascript for each site, but once you've got it set, you're done. Well worth it.

User avatar
BlubBlab
Posts: 948
Joined: Fri Nov 30, 2012 11:33 pm
Location: My little Pony cafe

Re: Some nasty javascript command

#3 Post by BlubBlab » Mon May 12, 2014 10:23 am

I have already Adblock Plus and Thunderbird, NoScript I have exactly like the reason you said and my Outlook AC isn't in Thunderbird because it my quick e-mail access AC you could say and setting up is complicated because it is a @msn.com address.

But I'm not very happy about firefox in the moment they because they removed to many important setting like I can't see what cookies I have without installing a add-on.

In the last weeks I have the feeling the whole Internet tries to make money at any costs and without limits, anyway I wrote a rant to the Javascript developers about those functions.( I asked about how much alcohol was involved :D )
Jack-of-all-trades, but master-of-only of a few :D

My Reps:
https://github.com/BlubBlab/Micromacro-with-OpenCV (My version of MM2 with OpenCV and for MS Visual Studio)
https://github.com/BlubBlab/rom-bot (rombot with no stop WP and advanced human emulation mode and some other extensions)
https://github.com/BlubBlab/Micromacro-2-Bot-Framework ( A work in progress )
My Tools : viewtopic.php?f=10&t=6226

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests