Opened 8 years ago

Closed 7 years ago

#7987 closed Bug report (rejected)

Cannot access malicious website via FTP

Reported by: Brandon Sky Owned by:
Priority: normal Component: FileZilla Client
Keywords: malicious, javascript, webmaster, tools, google, online, antivir, scan, 09, com, ftp, filezilla Cc:
Component version: Operating system type: OS X
Operating system version: 10.6.2

Description

The website online-antivir-scan09.com is a malicious website I'm trying to track using Google WebMaster Tools and my Google account. When verifying without the verification file, I get an error message saying:

Verification failed for http://online-antivir-scan09.com/ using the HTML file method (less than a minute ago). Your verification file has the wrong content. Are you using the verification file that was downloaded from this site?

When clicking "Show found file content", I notice malicious javascript code and some useless HTML:

<!DOCTYPE HTML PUBLIC "-W3CDTD HTML 4.01 FramesetEN" "http://www.w3.org/TR/html4/frameset.dtd"> <!-- turing_cluster_prod --> <html> <head> <title>online-antivir-scan09.com</title> <meta name="keywords" content="online-antivir-scan09.com"> <meta name="description" content="online-antivir-scan09.com"> <meta name="robots" content="INDEX, FOLLOW"> <meta name="revisit-after" content="10"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <script type="text/javascript"> cookie_callback = function(val) { var exdate=new Date(); exdate.setFullYear(exdate.getFullYear() + 1); document.cookie = "Spusr=" + escape(val) + "; expires=" + exdate.toUTCString(); document.cookie = "jsc=1"; } </script> <script src="http://dsnextgen.com/?epl=Do7uB8y5TwuQkPxcc7xjYpFfvuqQUDhFchd_gxkYJoTDE3qOZ6hYQdAohOCKjqfULAIhvl-hzVBhZX2nlHGYNZYLM_tYEKU4YgEtUBcrElgC3-iEsWLU8FGdXr2bqskEHjjbGdTJQ7fPFF3NKazYGQosE_GR1L754eeol3rIIJOeMj1pop_qKTzVQKaJAZA21DD11FNElQAgYN3vvwAA

When trying to upload the file using FTP and FileZilla, the logs say:

Status: Resolving address of online-antivir-scan09.com
Status: Connecting to 69.43.161.151:21...
Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error: Could not connect to server
Status: Waiting to retry...
Status: Resolving address of online-antivir-scan09.com
Status: Connecting to 69.43.161.151:21...
Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error: Could not connect to server

Do I have to enter some password? Or is FTP simply not installed on online-antivir-scan09.com (with the IP 69.43.161.151)?

http://i1265.photobucket.com/albums/jj512/Brandon_Sky/filezillaErrorMsg.png

Attachments (1)

filezillaErrorMsg.png (57.5 KB) - added by Brandon Sky 8 years ago.

Download all attachments as: .zip

Change History (4)

Changed 8 years ago by Brandon Sky

Attachment: filezillaErrorMsg.png added

comment:1 Changed 8 years ago by Simon

Resolution: invalid
Status: newclosed

It seems that they are not running a ftp-server on default port 21.
Anyways, we will not support you gaining access to a system which doesn't belong to you.

comment:2 Changed 7 years ago by Brandon Sky

Resolution: invalid
Status: closedreopened

Reopened, constantly happens.

comment:3 Changed 7 years ago by Simon

Resolution: rejected
Status: reopenedclosed

we will not help you to access a foreign system which does not belong to you!

Note: See TracTickets for help on using tickets.