StarDestroyer.Net BBS

www.franklord.tk it works in IE and opera but arsed if i can make it work in firefox. Not only is this site annoying, there's a complete lack of content and it's not standards complient, wtf is that about?

It's probably some page pranksters link to unsuspecting people as a cruel joke to cause a temporary inconvienence for them. At least it doesn't do anything beyond only being able to be closed with ctrl+alt+delete.

And I wouldn't consider it the suckiest site ever. The suckiest site ever would be a site that has greusome pictures of penis bisections all over the page, tubgirl as a background, all text typed in alternating caps, using the most annoying ebonics and 1337-speak ever, the text color being an eye-straining flourescent color, and visiting would cause all sorts of spyware to be downloaded onto your computer.

Oh, yeah? How about this?

Will somebody click on that and tell us what it is so that I can avoid possible mental trauma?

It's a Wikipedia definition of the site in question. You really think I'd post a direct link to a site that'd probably get me banned?

Exonerate wrote:Will somebody click on that and tell us what it is so that I can avoid possible mental trauma?

From my experience, it's a blank page, no domain in the address bar, but it can only be closed by pressing ctrl+alt+delete.

Java applet + javascript slowed my browser down to molasses (Using Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040312 Galeon/1.3.14 (Debian package 1.3.14a-1))- equivalent to Mozilla 1.6. Had to be closed, and java vm killed. His server is running like molasses too.

Any recent Java security holes?

I never look at those sites. Wow, the server, Recoat.com, that hosts tubgirl is located in the exact town I live in. I never knew this town had so much industry, other than PNY and Phizer(sp?).

For anyone looking through the source code, the encoded stuff (likely cut and pasted from the comments above and below- this guy is a cut and paste script kiddy) decoded is:

Code: Select all

<SCRIPT language=VBScript>

        Dim Sound(34),  I

        Sound(1) = Chr(98) & Chr(105) + Chr(103) + Chr(98) & "o" & "ss" & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(2) = Chr(98) & "o" & Chr(115) & Chr(115) + "x" + Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(3) = "f" & Chr(102) + Chr(116) & Chr(98) + Chr(97) & Chr(116) + Chr(116) + "8" & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(4) = Chr(99) + Chr(97) + Chr(110) + Chr(100) + Chr(121) + Chr(109) + Chr(97) + Chr(110) + Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(5) = "i" & "n" & "t" & "h" & Chr(101) & "man" & Chr(115) + Chr(105) + Chr(111) & Chr(110) & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(6) = "de" & "at" & Chr(104) & Chr(115) + Chr(116) + Chr(97) & Chr(114) + Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(7) = Chr(108) & Chr(97) & Chr(98) + Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(8) = Chr(115) & Chr(104) & Chr(105) & Chr(110) & Chr(114) & Chr(97) + Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(9) = Chr(98) & Chr(105) & Chr(103) & Chr(98) + Chr(117) + Chr(109) + Chr(112) & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(10) = Chr(97) & "n" & Chr(116) & Chr(105) & Chr(99) & Chr(104) & Chr(114) + Chr(105) + "s" & Chr(116) & Chr(115) & "u" & Chr(112) & Chr(101) + Chr(114) & Chr(115) & Chr(116) + Chr(97) & Chr(114) & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(11) = Chr(112) & Chr(117) & Chr(112) + "p" + Chr(101) & Chr(116) + "2" & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(12) = "z" & Chr(101) & Chr(114) + Chr(111) & Chr(46) & Chr(109) & Chr(105) + Chr(100)
        Sound(13) = Chr(112) & Chr(105) + Chr(99) + Chr(116) + Chr(117) & "r" & Chr(101) + Chr(46) + Chr(109) + Chr(105) + Chr(100)
        Sound(14) = Chr(102) & Chr(114) & Chr(101) + Chr(97) & Chr(107) & Chr(46) + "m" + Chr(105) & Chr(100)
        Sound(15) = Chr(102) & Chr(114) & Chr(101) & Chr(100) & "d" + Chr(121) + "8" & Chr(46) + "m" + Chr(105) & Chr(100)
        Sound(16) = "B" & Chr(97) & "t" + Chr(114) & Chr(101) + "f" & Chr(108) & Chr(107) + "." + Chr(109) + Chr(105) + Chr(100)
        Sound(17) = Chr(112) & Chr(101) & Chr(101) & "w" & Chr(101) & Chr(101) & "." & Chr(109) + Chr(105) + Chr(100)
        Sound(18) = Chr(116) & "u" & Chr(98) & Chr(98) + Chr(105) & Chr(101) + Chr(116) & "h" & Chr(101) & Chr(109) & Chr(101) & Chr(46) & Chr(119) & Chr(97) & Chr(118)
        Sound(19) = Chr(112) & Chr(101) + Chr(101) & Chr(119) + Chr(101) & Chr(101) & "." & Chr(109) & Chr(105) & Chr(100)
        Sound(20) = Chr(100) & Chr(101) + Chr(97) + Chr(116) & Chr(104) & "m" + Chr(111) & Chr(117) + Chr(110) & "t" & Chr(97) & Chr(105) & Chr(110) & Chr(108) + Chr(106) + Chr(46) & Chr(109) & Chr(105) & Chr(100) 
        Sound(21) = Chr(109) & Chr(97) & Chr(100) + "j" & Chr(101) & Chr(115) + Chr(116) & Chr(101) & Chr(114) + "." & Chr(109) & Chr(105) & Chr(100) 
        Sound(22) = Chr(100) & Chr(114) & Chr(97) & Chr(109) + Chr(97) & "i" + "n" & Chr(116) + Chr(101) + Chr(110) + Chr(115) + Chr(101) + Chr(46) & "m" & Chr(105) & Chr(100)
        Sound(23) = Chr(110) & Chr(105) & Chr(107) + "r" + Chr(111) & Chr(98) & Chr(111) & Chr(116) & Chr(46) & "m" & Chr(105) & Chr(100)  
        Sound(24) = "n" & Chr(101) & Chr(111) & Chr(100) & Chr(101) & Chr(97) & Chr(116) + "h" + "2" & Chr(111) & Chr(46) & "m" & Chr(105) & Chr(100)
        Sound(25) = Chr(100) & Chr(101) + Chr(97) + Chr(116) & Chr(104) & "m" + Chr(111) & Chr(117) + Chr(110) & "t" & Chr(97) & Chr(105) & Chr(110) & Chr(108) + Chr(106) + Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(26) = Chr(100) & Chr(101) + Chr(97) + Chr(116) & Chr(104) & "m" + Chr(111) & Chr(117) + Chr(110) & "t" & Chr(97) & Chr(105) & Chr(110) & Chr(108) + Chr(106) + Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(27) = Chr(118) & Chr(97) + "l" & Chr(101) & "n" & "t" + Chr(105) + "n" & Chr(97) + "4" & Chr(46) & "m" & Chr(105) + Chr(100)
        Sound(28) = Chr(115) & "i" & Chr(109) & "g" + Chr(97) & Chr(101 ) & Chr(118) & Chr(105) & Chr(108) + "." & Chr(109) & Chr(105) & Chr(100)
        Sound(29) = Chr(99) & Chr(97) & Chr(108) & Chr(98) & Chr(114) & Chr(101) & Chr(110) & Chr(97) & Chr(105) & Chr(109) & Chr(112) & Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(30) = Chr(115) + Chr(117) + Chr(110) + Chr(107) + Chr(101) + Chr(110) + "4" + Chr(46) + Chr(109) & Chr(105) & Chr(100)
        Sound(31) = Chr(118) & Chr(105) & Chr(108) & Chr(101) & Chr(105) & Chr(110) + Chr(116) & Chr(114) & Chr(111) & Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(32) = Chr(100) & Chr(114) + Chr(119) & Chr(105) + Chr(108) + Chr(121) & Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(33) = Chr(115) + Chr(109) + Chr(114) & Chr(112) & Chr(103) + Chr(100) + Chr(111) + Chr(100) + Chr(111) + Chr(46) & Chr(109) & Chr(105) & Chr(100)
        Sound(34) = Chr(97) & Chr(117) & Chr(116) + Chr(111) & Chr(109) + Chr(97) & Chr(116) + Chr(105) & Chr(111) & Chr(110) & Chr(46) & Chr(109) & Chr(105) & Chr(100)

        Randomize Timer
        I = Int(Rnd * 34) + 1

        document.write "<BGSOUND SRC=" & "http://www.freewebs.com/" & Chr(112) & Chr(111) + Chr(111) & Chr(112) + Chr(121) & Chr(116) + Chr(104) + Chr(101) & "p" & Chr(105) & Chr(114) + Chr(97) + Chr(116) & Chr(101) & "/" & Sound(I) & " " & "loop=999" & " " & ">"

</SCRIPT>
<SCRIPT language=JavaScript>
//imposter inc
var nspaces = 80
var timer
var msg = ""
function scrollMaster() {
	clearTimeout(timer)
	
	msg = "  "
	for (var i = 0; i < nspaces; i++) {
		msg = " " + msg
	}
	scrollMe()
}
function scrollMe() {
	window.status = msg
	msg = msg.substring(1, msg.length)+ msg.substring(0,1)
	timer = setTimeout("scrollMe()", 80)
}
scrollMaster()
//imposter inc
</SCRIPT>
<br><br><b>

Does not appear malicious.

Decoded with:

Code: Select all

#include <stdio.h>
#include "input.h"

int main(void){
        char *buffer;
        unsigned int output;
        int size, i;
        getInput(&buffer,EOF); //dumps input from stdin to variable sized buffer allocated with
        //malloc/realloc, too lazy to post code. 
        
        size = strlen(buffer);

        for(i = 0; i < size; i++){
                if(buffer[i] == '%'){
                        sscanf(buffer + i +1 , "%2X", &output);
                        putchar((char)output);
                        i+=2;
                }else{
                        putchar(buffer[i]);
                }
        }

        free(buffer);
        exit(0);
}

Pipe into stdin.

Other code tries to do annoying animation... cross browser. Ugh.

Java applet is a chat applet stolen (and hosted) from Homestead.
Lots of cross domain stuff.