|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 48
Members: 0
Total: 48
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
once again they tried to hack my web site |
|
Posted: Tue Jun 01, 2004 9:23 pm |
|
|
Saladin |
Regular user |
|
|
Joined: May 26, 2004 |
Posts: 19 |
|
|
|
|
|
|
|
It is new Code for me, i had never seen such Codes..
The attacker typed:
lang=english; admin=; phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A2%3A%2223%22%3B%7D; phpbb2mysql_sid=ae75a111fb9a4be54da5a0b3df922972; user=MjM6bWFscGVyc2F6OmJmY2QwMWI2NjY2MmM3YWQyY2U2MzIwMmNjNjQwNTI5OjEwOjowOjA6MDowOjo0MDk2; phpbb2mysql_t=a%3A2%3A%7Bi%3A12%3Bi%3A1086085457%3Bi%3A43%3Bi%3A1086085480%3B%7D; lang=german
and he got:
Warning: stat failed for language/lang-english; admin=; phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:2:\"23\";}; phpbb2mysql_sid=ae75a111fb9a4be54da5a0b3df922972; user=MjM6bWFscGVyc2F6OmJmY2QwMWI2NjY2MmM3YWQyY2U2MzIwMmNjNjQwNTI5OjEwOjowOjA6MDowOjo0MDk2; phpbb2mysql_t=a:2:{i:12;i:1086085457;i:43;i:1086085480;}; lang=german.php (errno=36 - File name too long) in /home/xxxxmywebsite/public_html/mainfile.php on line 34 |
|
Last edited by Saladin on Tue Jun 01, 2004 9:48 pm; edited 1 time in total _________________ Freedom for Kurdistan |
|
|
|
|
|
New |
|
Posted: Tue Jun 01, 2004 9:25 pm |
|
|
Saladin |
Regular user |
|
|
Joined: May 26, 2004 |
Posts: 19 |
|
|
|
|
|
|
|
what the attacker did here:
What is the "admin"? the user name or the admin-name?
ae75a111fb9a4be54da5a0b3df922972
and
MjM6bWFscGVyc2F6OmJmY2QwMWI2NjY2MmM3YWQyY2U2MzIwMmNjNjQwNTI5OjEwOjowOjA6MDowOjo0MDk2
? |
|
|
|
|
|
hrmm |
|
Posted: Tue Jun 01, 2004 10:16 pm |
|
|
icenix |
Advanced user |
|
|
Joined: May 13, 2004 |
Posts: 106 |
Location: Australia |
|
|
|
|
|
|
Looks SQL Injection and also XSS at the same time.
because i can see:
Code: |
phpbb2mysql_sid=ae75a111fb9a4be54da5a0b3df922972;
|
but thats what the guy typed.
thats either his SID or your SID.
just block his IP for now.
Janek will help you out.
PS: if you ever need to add something to a message that you forgot..
just make use of the edit function |
|
|
|
|
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|