Skip to content

Pig sticking mother funker

OK, I’m miffed – I’m pissed off big time with malware masquerading as helpful software, or is that the other way round?


Firstly, .. in my crosshairs tonight is the ftp program called FileZilla!

The main download page offers an **enhanced** version of their software. Download it and then the internal alarms go off in Win10, but you don’t see or hear the fuckers till it’s too pissin’ late and the bloody things been installed.

It appears that there is now a set of files included with the *.exe from the main approved FileZilla site, files that provide added user interaction in the shape of FusionCore.

** It’s crappy hidden software that’s nothing more than third party bundlers of adware and PUP applications.

The additional payload typically offers addon applications, that users of the original corrupted software are supposedly looking for. For example: file converters and photo editing software, that may also include adware and potentially unwanted programs (PUPs), that you’ve already approved for download in other third party software installers.

  • Remember folks, .. it’s all been done with your express permission, and it happened when you blindly accepted the terms and conditions of the officially registered and signed installer: grrrrrrrr!

Basically, that quick click of the wrist gave you a viral download to contend with, but like an organic STD: it’ll burn you at a later date. The, (not quite), malware in question, is explained fully in the MalwareBytes forum.

The Author of FileZilla, has even defended his stance on including his **enhanced** well placed software. From his unequivocal righteous position on what he’s allowed to happen in his name, then to put it mildly: I’m as pissed as fuck that this poxy shite, from that wrist jerk by that unprincipled jerk, has even got on my system to impregnate it in the first place.

Using a condom to come off, .. on top. Here’s how to get what you want without paying the prostitutes going rate. Follow the link to the official ZIP file download page, and then find the zip archive of your choice: either 64 bit or 32 bit, ..

BTW: 32 bit programs work fine on 64 bit machines, but not visa-versa: always install 32 bit if unsure.

The following, direct download link of the zip file, might not work for you due to nightly build numbers, but as of 05/09/2002 — it is correct, .. FileZilla_x.xxxxx_win64.zip

In wrist usage, .. download the zip file and extract the contents to wherever you want: go into the newly created FileZilla directory, and then simply double click on the FileZilla.exe file. Boom! – Working ftp program, and no pissing install required. I just moved my directory to, ..

“C:\Program Files\FileZilla\” and then created a shortcut to “filezilla.exe” on my desktop.

My newly crated baby software link is now all working as expected, and the diaper dumps via the FTP Software-Manager occurs inside one of the folders, located off of the main arseholes directory, .. yes: not happy with him at all.


My second pissing gripe, .. is directed at those fucking late alarms built right into Win10 itself.

Now, usually I have nothing but high praise for Windows Defender, it does what it says on the tin, and does it well, and the scanner even reported that the FileZilla file was clean.

Then after the install the shit hit the fan, because it was at that point that App and Browser Control kicked off. Defender allowed me to install that viral load, and only after the name of the *.exe was registered in my download page: did the small icon on the task bar indicate that there was a problem. 

Fusion.c (is – was) considered as a low risk, with the App asking, What do you want to do:- Delete, Quarantine or Ignore. 

Deleting and Quarantining does precisely that, but it doesn’t stop the bloomin’ warnings from staying plastered right across the taskbar icon, or even inside the App part of the program itself, and all other attempts to delete again: result in errors being recorded to the effect that this action cannot be accomplished, ..

WTF?? – Has the viral infection got in?? – Is my entire system screwed??

So I ran the Defender program off line (nothing.)

Yet the App Browser Control warnings remained.

Pissing gripe 2.a), .. downloaded Malwarebytes, ran an in-depth scan, again – (nothing!)

** But that free program slowed my machine down to a craw, and it’s got some guts: so as a consequence, there’s no link for it, you want it you find it, but I’m not impressed with  the damned thing, especially with the software trying to install and run the Pro version, instead of the free one which is all I wanted. I was especially *not* impressed with the heavy-selling-techniques it went in for, in just trying to make me keep the heavy weight program on my system. 

Geek uninstaller found absolutely shit loads of crap that Malwarebytes left behind, which also means that the windows registry will be full of the crappy stuff as well. Sigh! – Another cleaning job for another time.

So, with the App and Browser Control (!) warnings still plastered all over the Defender Shield Icon, and right in my worried eye line, and with me not being able to do anything about it anyway: I reluctantly turned (off) the Low Warnings in the software control panel, basically telling the software to (ignore the warnings) in these missing files that it had already deleted.

At which point the App reappeared, but minus any (!) warning icons, about the poxy missing files: that, (as I say), ({ IT! }) had already deleted – (!)

Mickysoft, .. your software really sucks sometimes.


Third bitch, .. is directed at WordPress itself, and especially Firefox. 

As some of you may well know, my website is constantly being hammered with brute force login attempts. The poxed-up Hackers haven’t got in yet, and that’s all due to the thirty two length character password string that I’m using (god help me if I ever lose it.)

So to dissuade them, I installed a plugin that actually hides the wp-login.php and wp-admin.php files: thusly stopping the Hacking Twatts dead, but it didn’t, and the cheeky fucks who make the plugin even have a PRO version that they want you to buy.

Now, .. I’d never have even known that it wasn’t working, if I hadn’t had a brute force plugin installed that reported the illegal login attempts.

Here’s a small example of my sites GET and POST request that’s been generated by the Apache server log.

After numerous attempts of overloading the server itself with weird request strings, the Bot script itself then uses a well known loop-hole to reveal the hidden login string: more of that later, here the Bot issued a standard GET statement.

[ 02/Sep/2020:01:10:00 +0100 ] “GET /b92login/ HTTP/1.1” 200 9591 “https://www.b92mjs.co.uk/b92login/” “Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.51” 95.84.54.4 www.b92mjs.co.uk 95.84.54.4

Then the BOT attempts to login with a POST statement, but after two failed attempts the IP address gets blacklisted for 24 hours, via a most excellent WP Plugin called Limit Login Attempts Reloaded.

[ 02/Sep/2020:01:10:01 +0100 ] “POST /b92login/ HTTP/1.1” 200 9820 “https://www.b92mjs.co.uk/b92login/” “Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.51” 95.84.54.4 pigsoft.net 95.84.54.4

BUT, as I’ve found out: the Poxy Arsed Fuck Pig Hackers have more IP address to hand that I can handle, and the above Apache Log commands occurred within micro seconds of each other, with more pouring in by the minute.

So my bitch in this case, .. is the Firefox bug that forces the WordPress core to show the login string, an issue that’s been known about for at least five years, here’s the link to the article at wordpress.org.

Basically in a nutshell, open the Firefox browser: go to your website that has a hidden wp-login.php plugin installed, and then in Firefox add the following to the end of your web site string as in, ..

http://www.mysite.com/%77%70%2D%6C%6F%67%69%6E.%70%68%70 

Replace the https://www.musite.com URL with your own sites URL to see your own hidden login string magically revealed. Which is a hacking trick that the scripted Bots are using, and is a flaw that’s been known about for at least four years.


Epilogue: why the fuck do we put up with this inefficient sodden soft (ware) shit?

 

Thanks for reading, Jessica: Praise be the ORI.

Published inNewsReviews

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Click to access the login or register cheese

This is a local popup, .. it’s been placed here to advertise the fact that you can have your own **free** local WordPress environment, and at the click of a button.

I’m putting my own reputation on the line to push this local program, and what I can say on the subject: is quite frankly it’s brilliant. The program itself will provide you with a very simple WP environment to go local: simple but powerful.

Setting it up and running it is a breeze, but like everything else software wise out there, you do need to read the docs: just a little bit to get it running.

Did I mention that it’s free!

Download and install it here.

Try it, you won’t be disappointed.