I help run a LOLCat humor blog based on WordPress. A very popular and well-known competing site, called ICanHasCheezburger, has inserted a bit of JavaScript on his site, which attempts to do something nefarious with my wp-admin/post-new.php file. While I do not allow connections to the wp-admin folder except from my own IP address, it appears he is attempting to somehow disrupt my WordPress blog. Any ideas on what this code is doing?
<script type="text/javascript">
// Show or hide a drop-down menu by moving its first nested UL on or off screen.
function showNav(el) { el.getElementsByTagName('UL')[0].style.left = 'auto'; }
function hideNav(el) { el.getElementsByTagName('UL')[0].style.left = '-999em'; }
// Step 1 stores the visitor's current text selection in the global Q; any other
// step navigates the browser to post-new.php with Q, the page URL and the page title.
function pressthis(step) {
  if (step == 1) {
    if (navigator.userAgent.indexOf('Safari') >= 0) { Q = getSelection(); }
    else if (window.getSelection) Q = window.getSelection().toString();
    else if (document.selection) Q = document.selection.createRange().text;
    else Q = document.getSelection().toString();
  } else {
    location.href = 'http://www.katurday.com/wp-admin/post-new.php?text=' +
      encodeURIComponent(Q.toString()) + '&popupurl=' + encodeURIComponent(location.href) +
      '&popuptitle=' + encodeURIComponent(document.title);
  }
}
</script>
There is a post on Katurday.com with a screenshot of this code: http://www.katurday.com/?p=1301