0

Firstly, I apologize if this is the wrong Stack, but I guess my fellow Geeks here might find this interesting ..

I was looking for the IEEE 754 documents on the IEEE website, Binged it first, and used the 'official Website' link which 404'd! Anyway, went to the root of the domain, and used the search option for '754'. In the search results there are some rather bizarre Javascript texts. Such as:

    window.XfSn = !!window.XfSn;
try {
    (function () {
        (functi _i() {
            var S = !1;
            function I(S) {
                for (var I = 0; S--; )
                    I += O(document.documentElement, null);
                retu I
            }
            function O(S, I) {
                var L = "vi";
                I = I || new z;
                return _Z(S, function (S) {
                    S.setAttribute("data-" + L, I.ZS())O(S, I)
                }, null)
            }
            function z() {
                this.jz = 1;
                this.iz = 0;
                this.Ll = this.jz;
                this._L = n this.reset(),
                this.ZS();
                this.iz = this.Ll;
                this.Ll = th this.Ll
            };
            this.reset = function () {
                this.jz++;
                this.iz = ZZ = !1;
                function ...

There are others search results like this, show the JS in the summary for the search result, unfortunately it truncates the Summary so I can't see the full script :\

Anynoo, it's nearly 3am here and there is no way I will click one of the pages when I'm this tired!

Anyone seen this before? It looks to me like some bad attempts for an XSS hack?

This is the search page, don't worry about the JSessionID as I'm not logged in to it!

(I'm using Edge for my sins, but I like earning points - but this also happens using fire fox)

Than you very much!

Cryogen
  • 103
  • 2

1 Answers1

0

I was looking for the IEEE 754 documents on the IEEE website,

The correct search page is https://ieeexplore.ieee.org/Xplore/home.jsp, which will return abstracts.

You have to pay to access the full documents (unless you have an Institutional Sign In).

enter image description here

DavidPostill
  • 153,128
  • 77
  • 353
  • 394
  • Thank you for that! However, I'm somewhat more interested in the phenomena of those weird JavaScript summaries that are showing - Are they actually legit, or legacies of failed (or even successful!) code injection attacks? If Legit, what sort of behaviour might be attempting to achieve? I'm asking from an education perspective rather than opinion as I'm sadly out of date with my JS coding due to long-term sickness recovery and then getting hit with Covid ... I'm only now just starting to get back into these things! – Cryogen Jan 25 '21 at 16:09
  • I've absolutely no idea about your weird JavaScript. – DavidPostill Jan 25 '21 at 17:52
  • Fair enough! Thank you for considering it though, I appreciate that a lot! – Cryogen Jan 26 '21 at 13:59