• CMahaff@lemmy.ml
    link
    fedilink
    English
    arrow-up
    34
    arrow-down
    2
    ·
    edit-2
    1 year ago

    My concern is that configuring the site to automatically redirect users sounds like they have pretty large control over the site - the kind of control that I would assume is usually limited to users with root access on the server.

    Obviously hope nothing of value is lost and that there is a proper off-site backup of the content.

    Edit: See Max-P’s comment, it looks like the site redirection was accomplished in a way that IMO suggests they do NOT have full control over the site. We’ll obviously have to wait for the full debrief from the admins.

    • JackbyDev
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      If it was just DNS that doesn’t mean too much. If it was just DNS it seems to be back up. It’s like changing the number in a phone book.

    • thanks_shakey_snake@lemmy.ca
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Yeah the “redirect somewhere else” attack definitely doesn’t necessarily require any particular control of the site. Usually it’s noticing that you can trick some text into being run as Javascript, instead of interpreted as text… And then you just stick in a cheeky little <notarealscript>window.location = "https://www.badsite.horse"</notarealscript> into that spot.

      Then every time that comment, username, (in this case apparently) custom emoji, etc. gets loaded, whoops, the code runs and off you go!

      So no control of the site is required at all.