• Welcome to Simple Machines Community Forum. Please login or sign up.
December 04, 2021, 12:36:18 AM

News:

Join the Facebook Fan Page.


password incorrect errors

Started by tempneff, February 01, 2011, 01:15:23 AM

Previous topic - Next topic

butchs

Ah, that is why there is a hit rate test.

Do you have the injection uri string?  If it is safe, want to trade injections via PM?
8)  :P
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Arantor

The URL was http://arantor.org/index.php?action=login2 submitted via POST. Nothing special, nothing suspicious. Requests are 4 to 8 minutes apart, from all different IPs.

My patch was very specific for the scenario generated by this bot.
No good deed goes unpunished
All helpful urges should be circumvented

butchs

Understood, you were looking at a log and were unable to capture the string.  Nevertheless, good work stopping it.

PM will be sent soon.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Arantor

Yes, I was looking at some custom logs, which I'd written myself ;) Which included a lot more than normal, not least all of the contents of $_SERVER, apache_request_headers() and a few other things, though I gave limited logging to others.
No good deed goes unpunished
All helpful urges should be circumvented

Norv

Please see, for further information and options,
Simple Machines Forums attacks

butchs, I appreciate any informations you could give about the specific pattern of the attack on your forum.
To-do lists are for deferral. The more things you write down the later they're done... until you have 100s of lists of things you don't do.

File a security report | Developers' Blog | Bug Tracker


Also known as Norv on D* | Norv N. on G+ | Norv on Github

butchs

Pattern of attacks?  I covered all the ones I know with my mod.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

butchs

lethal-danger can you please repost your questions over the Forum Firewall support board before I get into any more trouble with Norv?  His cat looks meaner than mine...   :-\
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Norv

LOL, I can fix that. :D

Though for now, I like it!
To-do lists are for deferral. The more things you write down the later they're done... until you have 100s of lists of things you don't do.

File a security report | Developers' Blog | Bug Tracker


Also known as Norv on D* | Norv N. on G+ | Norv on Github

Advertisement: