String decode extracted from web log - security

Working on log analysis, I found a string with odd syntax and contents, by parsing page field of web log (a webshell?):
/campaign/(f(2ewt_ygmarlagti7sw4tvhj0zk17klgxnhnk1aawgtixm5x-2qmvsvouolvaffrhitumf4wnk496p2dbzmkc3ywfloksiixdtrlawmt78f_mg-45kdzzpdlnogeishkcgtohttp://www.facebook.com/externalhit_uatext.phptelf6gqmu2ia0i1j5lfgmcvw1))/home/index
Could someone guide me how to decode this string and find a clue ? Also why is the following:
http://www.facebook.com/externalhit_uatext.php
included in the string?

I am quoting https://www.facebook.com/externalhit_uatext.php
Facebook allows its users to send links to interesting web content to other Facebook users. Part of how this works on the Facebook system involves the temporary display of certain images or details related to the web content, such as the title of the web page or the embed tag of a video. Our system retrieves this information only after a user provides us with a link. You may have found this page because a Facebook user sent a link from your website to other Facebook users. If you have any questions or concerns about any links or content sent by one of our users, please contact us at legal#facebook.com.
My guess is that someone posted a link to your website to Facebook and someone clicked on that link (visited your website through that link). The (probably) encoded stuff seem a bit random though. If I were you I would either post a link from my website on Facebook, click on it and see if I get something similar. If it doesn't look like that, I would contact legal#facebook.com to clarify whether it is linked to them.

Related

Why are my Sharepoint Links missing the Tenant?

I am working on an automate flow that emails a share point page to a list of subscribers whenever the page is updated.
Everything works except the links contained in the email (/page). On share point i am able to navigate to the link however in the email the page redirects me to /sites/xxx/xxx.aspx. It is missing the tenant information.
Is there a setting i missed or something that is preventing sharepoint from including the full link when sending the email?
I made sure the full link was typed when the hyperlink was created and am using an HTTP to share point (in automate) and inserting the "CanvasContent1" into the email. I checked the html being sent and the link title is given as the full link but the href is given as /sites/xxx/xxx.aspx.
Thank you for everything
On a SharePoint page, links will be converted to relative links when the page is saved.
If you copy the page content as rendered into an email, then, yes, the tenant will not be included in the link, since the link is never intended to be used outside of the context of the page, where the link works fine.
So, you need to change your approach when emailing the page. Maybe email just a link to the page, then people can take it from there. Or, manipulate the html content in PowerAutomate and replace /sites/xxx with https://Yourtenant.sharepoint.com/sites.xxx

Share via FBSDKShareDialog ignores applink defined on target page

This has been driving me nuts all day:
I have an iOS app with a custom URL scheme defined, and am trying to share a link on FB which points to a page that has this scheme in its applink meta tags, so that tapping it should fire up my app.
Every little piece of it is working just fine. I can enter my URL scheme in safari on the phone and the browser launches my app. I have tested my webpage with the FB debug tool and there are no errors or warnings - it correctly identifies all the meta tags.
If I share the link using FB on the phone or on my laptop, all works fine.
HOWEVER, if I share the exact same link using FBSDKShareDialog, it does not work. It just opens the web page with the meta tags as if it was any regular web page.
Anyone has any idea why these two ways of sharing would be different? They look exactly the same otherwise.
If anyone else runs into this problem, here's the reply from FB:
When you share with mode automatic, the app does a fast app switch over to the FB app to show the native share dialog
The post is cached locally on the device, and it does not know about app links (since only Facebook server side knows about it)
When the user opens the FB, the user sees their cached story (with no app links behavior),
This doesn't manifest with the Web mode since the Facebook app needs
to pull from the server to get the post, in which case it has all the
app links info.
This is unlikely something that we'll fix. However, after a while, the
cache will expire, and Facebook app will re-pull the posts from the
servers, in which case the app link data will be available.
In order to test this, you can share the post on one device, and then
try clicking on the post from another device. The app links should
work at that point.
Which is kind of a lame response IMO - they parse the target page to build the preview, how hard would it be to remember the applink and use it?
There could be two possible issues:
Either the one told by #NJ, i.e. you are just trying to open the link in Facebook app, using the same device from which you posted the link.'
Solution - either open link in other device or cose and re-open your facebook app and do multiple refresh
Or You have some error in your meta tags. There is one important thing though, that Facebook never mentions, i.e. they cache the URL you provide.
So any one used the web link with meta tags the first time in Facebook, Whole meta tags will be cached, and you updated meta tags won't be parsed by facebook.
Solution
To get over with the issue, use below link
Facebook debug tool
Input your meta data included web page URL and
-click on show existing scrape information to find any error
Click on Fetch new scrape information for refreshing your URL on facebook. it will clear the cache for that URL in facebook server.

How to implement Google’s Search index for an restricted site?

I am trying to index a fully authenticated site which is not open to anonymous users in Google’s Search index.
But, As per my understandings, the service ‘First Click Free’ from Google to include relevant content in Google’s Search index will work on few basic conditions like
-> User who came from google search result should be shown with the full content of the current page without asking for registration or payment or login
-> Google crawler won’t work on the pages which are behind registration or login pages.
In such cases how should i process further ?
Example : If my site www.example.com/article is an restricted article listing page which will be shown to the authenticated users alone, How should i process with Google's Search Indexing?
-> So that if I search for "articles in example.com", I need to get www.example.com/article in google's search result.
-> If a user clicks on the search result link he should be taken to www.example.com/article page if his session is already running.
-> If his session is not active he should be asked to login as the site is already doing that.
Can anybody suggest some ideas for this issue?
I hope ip_login(https://www.drupal.org/project/ip_login) module will help to crawl the restricted pages.

Retrieving files from blog media entries

The tool I'm building needs pull data from IBM Connections Ideation Blogs. I therefore use the Connections API with basic authentication to read Blog Entries. This goes well until the description contains images. When I ask the API to provide media resources for the blog, it does not show any entries of the /BLOGS_UPLOADED_IMAGES location - the one containing images uploaded through the blog's richtext editor. The user I use in my API call is the same user who created blog entries and uploaded pictures.
However the API call DOES contain images I publish using the API and a POST request to the blog's media entry collection. This is where the next problem appears. Those Atom entries for images contain various links, one of them with a ref="enclosure", of which the API documentation (link) tells me to "Use the web address in the href attribute to obtain the binary content of the file". However, my calls to this adress are always answered with 404 response code.
Another url in the Atom entry (this time of the element) is described by the same documentation (see link above) as: "Provides access the document's media. The following operation is supported: GET: Use the web address to obtain the media." When I make a call to this url, as always with basic authentication credentials attached, the response contains the html of the login form of Connections, so API authentication does not seem to be supported on this url. This is only the case for non-public communities, which require authentication, of course, if the picture is publicly availabe all works just fine.
Am I missing something out? Is there another way to retrieve the actual image from a blog's media entry through the API? Are manually uploaded pictures never contained in the media entries result or is this a bug?
It now magically works using the link with ref="enclosure" from the atom entry. I might have gotten something wrong with authentication I guess (although I'm not actually realizing what I'm doing different now than I did before).
Problem remaining: Pictures uploaded through the rich-text editor in the folder /BLOGS_UPLOADED_IMAGES do not appear in the media feed of the blog.

LIKES done by me on my own page don't show up anymore after making an app to post to my page's fanpage

I really hope someone can tell me more about what's going on, because I spent days searching the net and for the life of me can't say what is going on.
Here's what happened. I have a website 4nieuws.nl . On every article's page I put a like button using the Javascript SDK. All worked well. On facebook I created a fanpage for the website, facebook.com/4nieuws and every now and again I would copy an interesting article there. The like button and Javascript SDK on 4nieuws.nl uses the APP Id from an app I created specifically for that purpose.
Then I thought I might automate to publish the most popular articles on the fanpage using the PHP api. I set about getting the proper authorization key using the sequence explained on this page: http://www.typeoneerror.com/articles/post/permanent-facebook-sessions-and-posting-as-a-page
For this to work I authorized the previously mentioned app to publish on the facebook fanpages that I am admin of. And this works.
Now for the strange part. Ever since I authorized the app, if I go to 4nieuws.nl and like a page, or even 'post to facebook', the button shows 1 more like. But the like message never shows up on my personal wall. My wife, logged in to her own facebook account, gets a notification that I liked a page, but when she clicks the notification she is sent to a Facebook 404 page. When I subsequently reload the article, my 'like' is not there anymore.
Has anyone ever come across something like this ? I'm a bit anxious because I am not sure if other peoples likes on 4nieuws.nl are working as it should. I do see likes on pages but have no idea if those likes are actually registering on peoples walls.
Any help greatly appreciated.

Resources