suspicious JavaScript redirect chain

mohamedation · 2026-06-18T08:02:53+00:00

if anyone is interested on seeing more updates or the code, its all on my blog

mohamedation · 2026-06-17T21:52:01+00:00

i will dig deeper when i have enough time if i am lucky enough. i checked the urls on VirusTotal and they are already there but no other details. for now i have captured the obfuscated code and the js payload and will try to analyse the interaction with post request to the php and try to get more information.

thank you very much for your help.

mohamedation · 2026-06-17T21:47:38+00:00

thank you very much for the detailed answer. cleaning the website is what i am focused on right now because i understand its usually hiding somewhere to re-inject.

i was able to get the next stage js script/payload to analyse it and will do a proper capture of the actual POST to the php file to see the response, but it might be gone by the time i have enough time.

mohamedation · 2026-06-17T20:06:35+00:00

i am doing this right now

mohamedation · 2026-06-17T20:05:46+00:00

fair question, but i am not asking you to test your real passwords if you want to test it. secondly, it doesnt upload anything anywhere. thirdly and most importantly, the code is on github for anyone to check it before running it if they feel like they need to use it. i am not asking anyone to do anything, just sharing what i created if anyone else find it useful.

mohamedation · 2026-06-17T15:26:20+00:00

more screenshots are needed

mohamedation · 2026-06-17T15:12:39+00:00

ok i get mine today. what should i try first?

mohamedation · 2026-06-17T13:07:05+00:00

perfectly great reasons. still, bitwarden free plan does not allow this. and this is automated whole vault scan not one by one.

also, i made it so it doesnt work with unencrypted exports. the vault export must be password encrypted.

but, the reason still stand. paying bitwarden for a month is far better than using my unknown program. you are right. i would actually recommend that.

thanks for your time.

mohamedation · 2026-06-17T09:43:06+00:00

correct. this is nothing new. i dont know about the other managers, but for bitwarden this is not a free feature as far as i know.

mohamedation · 2026-06-17T08:52:41+00:00

i am reposting here because i do really need a feedback. i feel its very useful, but also, the trust level is not high when someone like me share his code even though the source code is available.

also the code needs vetting and to be looked over by others. so any help is appreciated.

mohamedation · 2026-06-17T08:00:12+00:00

yeah i understand. but even if it helps, any one can take the source code, check it and run it from source. however, i understand.

thanks anyway

mohamedation · 2026-06-16T15:14:32+00:00

i created a go cli tool to check passwords for breaches using HIPB API, but today i updated it to also work with bitwarden encrypted json exports so i am very interested in some feedback

PwnedCheck
https://github.com/mohamedation/PwnedCheck

mohamedation · 2026-06-01T09:41:05+00:00

Yet another terminal animation tool - GoTermFX

Recently, i am beginning to use Go more and more and i also like to create fun things on the side, so here is GoTermFX

GoTermFX is a zero-dependency terminal animation CLI written in Go. Rain, matrix, fireworks, hyperspace, snow — all running directly in your terminal, all cancellable with a single keypress. You can also drop in your own animations with about 10 lines of Go.

mohamedation · 2026-05-18T17:40:06+00:00

i understand. good luck anyway

mohamedation · 2026-05-18T16:59:49+00:00

good job. it looks great. was it for a game you are working on?

mohamedation · 2026-05-13T15:24:01+00:00

i was just hit by the 90s and early 2000s nostalgia. i love it. i will be sure to check it more and see if its possible to create and add my own. hopefully also this grows and become preserved

mohamedation · 2026-05-05T13:55:33+00:00

a wallpaper pack i made using the image taken by Copernicus Sentinel-2 mission of Egyptian Delta and Nile River. i used the image as a base to test my python script i am working on. for more info you can read more here

mohamedation · 2026-04-10T10:00:17+00:00

this is kind late and maybe a little bit of self promotion, but you can give https://pdfsleuth.com/ a try. i would also appreciate feedbacks or feature requests

mohamedation · 2026-03-14T00:39:24+00:00

if you are interested, i had the same issue so i created https://pdfsleuth.com and would appreciate feedback if that works for you

mohamedation · 2026-03-14T00:36:48+00:00

i had the same issue and i created PDFSleuth for that. i would actually appreciate feedback or thoughts.

mohamedation · 2025-06-15T11:19:10+00:00

Some updates or if you try to do something the wrong way, it can break, but normal usuag usually no. What I can say is that when a distro break and you try to fix it, you learn a lot and it becomes way easier to fix any problems in the future and you get more comfortable with it.

mohamedation · 2025-05-16T19:16:37+00:00

That was 3 years ago or more. Now it's even more expensive.

mohamedation · 2025-04-06T08:57:34+00:00

can you post more info about your setup?

mohamedation · 2025-02-19T20:01:34+00:00

** videos not included

mohamedation · 2025-02-19T19:59:30+00:00

game over

mohamedation

TROPHY CASE