Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Syaoran

Status Update - Exploit Message In Bitdefender

Recommended Posts

Posted · Original PosterOP

Chrome 80.0.3987.106

Windows 10 1909 18363.592

 

When doing a status update with the word, echo, with parenthesis around the word, and in italics, Bitdefender blocks it and the status update doesn't go through

 

exploit.PNG.73ca67a93f4fe0b40f0b9340f96df95c.PNG

 

EDIT: It should look like this

ex.thumb.PNG.a85194e5383a3ef9e7d2ceb59e1708c6.PNG

Link to post
Share on other sites
Posted · Original PosterOP
3 minutes ago, FakeCIA said:

Do you mean status update on here?

Yes here in the forums. 

The area where you can in your own profile

Link to post
Share on other sites
53 minutes ago, Syaoran said:

Yes here in the forums. 

The area where you can in your own profile

That is kinda weird. You are using Chrome, correct? I'll download it really quick and try to recreate it because I use Bitdefender and Malwarebytes. Both block certain scripts from running on websites, but I haven't seen them act that way for sites like this.


 

 

 

 

Link to post
Share on other sites

I'm not able to recreate it on standard settings. Can you give me the basics of what settings you have on for Bitdefender and Chrome? Don't give me any personal info.


 

 

 

 

Link to post
Share on other sites

When I check Flagfox via Tor, the Linus Tech Tips forum is registered via Go Daddy in Scottsdale, Arizona, USA powered by Cloudflare in Dallas, Texas. There is no record of fraudulent activity since the domain was registered on 2008-04-28. The IP address shown does match the one in the screenshot, but I'm not seeing anything suspicious on my end. In Bitdefender, there is a logging tool where you can mark suspicious IP's and they'll be blocked automatically. Go there and mark that IP in the setting to passive scan or to not scan. It may be an issue with where the IP is registered vs. where the business is located as LMG is based in Canada. Sometimes Malwarebytes does that when I access Bank of America via VPN. The only weird thing I see is the DomainsByProxy LLC affiliation, but I've seen those guys before. They're next to the Go Daddy HQ and Harley Davidson dealership on Hayden Road. They have concerts there and really good food. I think the guy who owns Go Daddy actually owns Harley too, but I could be mistaken on that.


 

 

 

 

Link to post
Share on other sites
5 hours ago, Syaoran said:

Chrome 80.0.3987.106

Windows 10 1909 18363.592

 

When doing a status update with echo and with parenthesis around the word, Bitdefender blocks it and the status update doesn't go through

 

 

exploit.PNG.73ca67a93f4fe0b40f0b9340f96df95c.PNG

Updates for you. Read above comments.


 

 

 

 

Link to post
Share on other sites
16 minutes ago, FakeCIA said:
Spoiler

When I check Flagfox via Tor, the Linus Tech Tips forum is registered via Go Daddy in Scottsdale, Arizona, USA powered by Cloudflare in Dallas, Texas. There is no record of fraudulent activity since the domain was registered on 2008-04-28. The IP address shown does match the one in the screenshot, but I'm not seeing anything suspicious on my end. In Bitdefender, there is a logging tool where you can mark suspicious IP's and they'll be blocked automatically. Go there and mark that IP in the setting to passive scan or to not scan. It may be an issue with where the IP is registered vs. where the business is located as LMG is based in Canada. Sometimes Malwarebytes does that when I access Bank of America via VPN. The only weird thing I see is the DomainsByProxy LLC affiliation, but I've seen those guys before. They're next to the Go Daddy HQ and Harley Davidson dealership on Hayden Road. They have concerts there and really good food. I think the guy who owns Go Daddy actually owns Harley too, but I could be mistaken on that.

 

 

Forum service runs through Cloudflare... And wouldn't be first time Cloudflare is causing something funny.

 

But I think is is more by some browser addon. Forum doesn't send stuff (afaik) anywhere else, but some addon or something else monitoring browser or typing activity might. Like I don't get anything when using any parenthesis and word echo.


^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to post
Share on other sites
6 minutes ago, LogicalDrm said:

 

Forum service runs through Cloudflare... And wouldn't be first time Cloudflare is causing something funny.

 

But I think is is more by some browser addon. Forum doesn't send stuff (afaik) anywhere else, but some addon or something else monitoring browser or typing activity might. Like I don't get anything when using any parenthesis and word echo.

Seems like most issues here come through Cloudflare.


 

 

 

 

Link to post
Share on other sites
Just now, FakeCIA said:

Seems like most issues here come through Cloudflare.

Not really. Cloudflare protection against attacks. Only times when it causes issues is when certain IP or IP range is blocked because suspection of DDoSing. And to other way around, BitDefender might have blacklisted IP used by CF for some reason.


^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to post
Share on other sites

That sounds like a BitDefender issue to me, and I would recommend raising the issue with them. Neither we, nor Cloudflare, not anyone else is doing anything weird to the text that you submit in a status update, it is just transmitted verbatim to the server to be stored.


HTTP/2 203

Link to post
Share on other sites
Posted · Original PosterOP
15 hours ago, FakeCIA said:

I'm not able to recreate it on standard settings. Can you give me the basics of what settings you have on for Bitdefender and Chrome? Don't give me any personal info.

Chrome is basically default except everything in autofill is disabled

In Bitdefender, I only have Firewall, Vulnerability, and Advance Threat Defense enabled

Link to post
Share on other sites

(echo)(echo)

Not causing anything. Are you running free version of BitDefender or paid one?

 

E: aaand remembered to test with Status Update too.

 

Though I'm using Firefox so this might be Chrome only too.

Edited by LogicalDrm

^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to post
Share on other sites
Posted · Original PosterOP
Just now, LogicalDrm said:

Not causing anything. Are you running free version of BitDefender or paid one?

Free trial but it should be working like the paid version

 

Also, I had to remove the (echo) part in the quote in order to reply 

Link to post
Share on other sites
6 minutes ago, Syaoran said:

Free trial but it should be working like the paid version

 

Also, I had to remove the (echo) part in the quote in order to reply 

Ok, this is 100% your end. Have you tried with another browser?


^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to post
Share on other sites
3 hours ago, LogicalDrm said:

Ok, this is 100% your end. Have you tried with another browser?

Is OP gonna update on this?


 

 

 

 

Link to post
Share on other sites
Posted · Original PosterOP
5 hours ago, LogicalDrm said:

Ok, this is 100% your end. Have you tried with another browser?

 

1 hour ago, FakeCIA said:

Is OP gonna update on this?

Same issue in Firefox and edge

Link to post
Share on other sites
41 minutes ago, Syaoran said:

 

Same issue in Firefox and edge

Take this up with Bitdefender then. Seems like it is on your end. I'm not seeing anything wrong with the forum or with my program.


 

 

 

 

Link to post
Share on other sites

My guess is that it's just BitDefender being too smart for its own good.

 

When you're typing certain combinations of characters, the message box where  you type connects to the website in background to retrieve stuff or be helpful... do stuff  like auto complete  or for example when you type @ character followed by a character, the forum suggests member names. BitDefender basically blocks the connection the forum page would make to get the list of members that start with the letter you typed after @ character.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×