Greenguy's Board - View Single Post

cd34 · 2009-05-03, 10:30 PM

Encoding makes it hard for someone to change the link and remove the link that they are trying to send a little PR to. It is usually wrapped around some other function so that removing it breaks the template somewhat. That's their 'payment' for making the free template.

However, it does make it incredibly easy to hide a malicious payload -- a payload that probably 90% of the internet wouldn't ever notice. If you had something unique enough in the template that you could find sites using it through a google search, you could exploit a few machines.

It is the reason I suspect that the templates were not delivered with exploits, but, modified through the wordpress admin.

2009-05-03, 10:30 PM	#6
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	Encoding makes it hard for someone to change the link and remove the link that they are trying to send a little PR to. It is usually wrapped around some other function so that removing it breaks the template somewhat. That's their 'payment' for making the free template. However, it does make it incredibly easy to hide a malicious payload -- a payload that probably 90% of the internet wouldn't ever notice. If you had something unique enough in the template that you could find sites using it through a google search, you could exploit a few machines. It is the reason I suspect that the templates were not delivered with exploits, but, modified through the wordpress admin. __________________ SnapReplay.com a different way to share photos - iPhone & Android