Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
motomac2017-10-23 07:42:05
PHP
motomac, 2017-10-23 07:42:05

How to detect a malicious Google Chrome extension?

Today, when switching to lingualeo.ru (I entered it in the address bar with pens), I saw the following picture: I was redirected to ad.admitad.com , then to coupons-online.ru (I don’t remember the exact sequence) and only then to lingualeo.ru. Obviously, either lingualeo.ru itself is playing tricks, or some of the Google Chrome extensions, which is more likely.
Digging into the source code of extensions is quite dreary. A cursory glance turned up nothing. Perhaps there are more advanced places to search for such malware. Please advise if you know. Or maybe I'm generally sinning in vain on extensions?
All extensions are installed exclusively from the Chrome WebStore. Here is their list:

  1. Eye Dropper 0.5.2 - ID: hmdcmlfkchdmnmnmheododdhjedfccka
  2. Grammarly for Chrome 14.812.1246 - ID: kbfnbcaeplbcioakkpcpgfkobkghlhen
  3. JSON Formatter 0.6.0 - ID: bcjindcccaagfpapjjmafapmmgkkhgoa
  4. LastPass: Free Password Manager 4.2.0 - ID: hdokiejnpimakedhajhdlcegeplioahd
  5. LinguaLeo English Translator 2.0.3.3 - ID: nglbhlefjhcjockellmeclkcijildjhi
  6. Markdown Here 2.12.0 - ID: elifhakcjgalahccnjkneoccemfahfoa
  7. New Tab - Pocket 1.0.0 - ID: ikndkhohinloomoacdggllledgjehkcf
  8. Page Ruler 2.0.9 - ID: jlpkojjdgbllmedoapgfodplfhcbnbpn
  9. Proxy for Chrome 1.15 - ID: iilpibhiihokecnbdkaminemnmecjfed
  10. Save to Pocket 2.1.48 - ID: niloccemoadcdkdjlinkgdfekeahmflj
  11. Send to Kindle for Google Chrome 1.0.1.74 - ID: cgdjpilhipecahhcilnafpblkieebhea
  12. The Great Suspender 6.30 - ID: klbibkeccnjlkjkiokjodocebajanakg
  13. uBlock Origin 1.14.12 - ID: cjpalhdlnbpafiamejdnhcphjbkeiagm
  14. Vue.js devtools 3.1.6 - ID: nhdogjmejiglipccpnnnanhbledajbpd
  15. Window Resizer 2.6.0 - ID: kkelicaakdanhinjdeammmilcgefonfh
  16. Zhongwen: Chinese-English Dictionary 4.9 - ID: kkmlkkjojmombglmlpbpapmhcaljjkde
  17. Yandex.Music 0.0.471 - ID: kefiofndeiobnlbabkhfkfmgdhmhhfmc

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
T
ThunderCat, 2019-07-24
@ThunderCat

Firstly, you have already asked a similar question and you have been answered,
and secondly, stop coding shit and deal with database structures, data types and modifiers once already.
Also, as you have already been told - use the built-in bean mechanisms, and do not talk crap in the style of the 90s.
Check the data types that you have in the fields and which you have in the variables.
Still don't understand why you need to separate the date and time.
UPD: if you are already using a crooked approach, then at least wisely, check what you are doing there ...

$sql = "INSERT INTO tasks (`task`, `date`, `time`, `users_id`) VALUES ('$task', '$date', '$time', $users_id)";
var_dump($sql);
R::exec($sql);

PS: strip_tags doesn't protect against squal injections, which you can do there in full growth...

Similar questions
G
GRO242019-08-30 15:23:29
Why doesn't Bootstrap 4 align blocks? 2Reply
M
Mikhail Potapenkov2016-06-13 18:20:30
On initial startup, the OS issues a blue screen 0x0000007B. What does it mean? 4Reply
P
Pavel2014-05-18 14:34:20
How to set up Chrome DevTools Autosave on windows? 4Reply
T
thehighhomie2018-11-30 12:28:13
Plugin to generate PDF from JavaScript? 4Reply
D
Dmitry2019-09-20 14:21:34
Does not download files from utorrent, openwrt firmware? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question