Advertisement:

Author Topic: password incorrect errors  (Read 21812 times)

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,734
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: password incorrect errors
« Reply #120 on: February 19, 2011, 04:31:39 PM »
Ah, that is why there is a hit rate test.

Do you have the injection uri string?  If it is safe, want to trade injections via PM?
 8)  :P
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 73,189
Re: password incorrect errors
« Reply #121 on: February 19, 2011, 04:33:28 PM »
The URL was http://arantor.org/index.php?action=login2 submitted via POST. Nothing special, nothing suspicious. Requests are 4 to 8 minutes apart, from all different IPs.

My patch was very specific for the scenario generated by this bot.
No good deed goes unpunished
All helpful urges should be circumvented

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,734
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: password incorrect errors
« Reply #122 on: February 19, 2011, 04:37:10 PM »
Understood, you were looking at a log and were unable to capture the string.  Nevertheless, good work stopping it.

PM will be sent soon.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 73,189
Re: password incorrect errors
« Reply #123 on: February 19, 2011, 04:41:40 PM »
Yes, I was looking at some custom logs, which I'd written myself ;) Which included a lot more than normal, not least all of the contents of $_SERVER, apache_request_headers() and a few other things, though I gave limited logging to others.
No good deed goes unpunished
All helpful urges should be circumvented

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,313
  • Blue Wolf
Re: password incorrect errors
« Reply #124 on: February 19, 2011, 04:43:13 PM »
Please see, for further information and options,
Simple Machines Forums attacks

butchs, I appreciate any informations you could give about the specific pattern of the attack on your forum.
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,734
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: password incorrect errors
« Reply #125 on: February 19, 2011, 04:53:12 PM »
Pattern of attacks?  I covered all the ones I know with my mod.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,734
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: password incorrect errors
« Reply #126 on: February 19, 2011, 08:35:22 PM »
lethal-danger can you please repost your questions over the Forum Firewall support board before I get into any more trouble with Norv?  His cat looks meaner than mine...   :-\
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,313
  • Blue Wolf
Re: password incorrect errors
« Reply #127 on: February 19, 2011, 08:49:55 PM »
LOL, I can fix that. :D

Though for now, I like it!
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github