Dear campers, I received the following assignment for a job interview:
I received a landing page, https://traders-vendetta.cc/lp.php, with the goal of stripping it down from any script that collects data from a viewerr\user\server and sends it out, and return a visually similar page though clean of data collecting srcripts.
I sniffed through all the scripts, and identified 3 scripts to remove, the first inline script, which seems to be connected to the New-Relic API, the SendPulse script, and the SubscribeController script. The result however changed the output of the page.
How would you go about doing the task I was given?
This page is in PHP. As such, you won’t be able to read the backend code, so how would you know what scripts are collecting data?
Either the company wants you to work on a scamming page or you are posting a scamming page here
https://binarysignalsadvise.com/traders-vendetta-review-scam/
Yeah, I’m delisting this. Edit: relisted after explanation from OP!
I should have warned that it is a scamming page, I’m sorry.
But yes, they wanted me to work on two scamming page, and see if I can clean them out of malicious scripts. this was one of them, the other one was tnt-trading.
@JaceyBennett now that’s weird because I was interviewed for a front end position where I told that I have yet to worked with PHP. So you say that without access to their server I wouldn’t be able to find malicious scripts only by downloading the webpage and sniffing through the given scripts?
You could clear the JavaScript scripts, which would be visible by viewing the source, but the PHP scripts are only visible in the actual source code, so you’d need access to the files.