Author Topic: password incorrect errors  (Read 21512 times)

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,730
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: password incorrect errors
« Reply #120 on: February 19, 2011, 04:31:39 PM »
Ah, that is why there is a hit rate test.

Do you have the injection uri string?  If it is safe, want to trade injections via PM?
 8)  :P
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 71,982
    • StoryBB/StoryBB on GitHub
Re: password incorrect errors
« Reply #121 on: February 19, 2011, 04:33:28 PM »
The URL was http://arantor.org/index.php?action=login2 submitted via POST. Nothing special, nothing suspicious. Requests are 4 to 8 minutes apart, from all different IPs.

My patch was very specific for the scenario generated by this bot.
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.
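
As an added illustration (not part of the original post, and not Arantor's patch): login POSTs spaced minutes apart with one request per source address stay under any per-IP attempt limit, so this example counts distinct IPs posting to `action=login2` inside a sliding window instead. The combined-log line format, the one-hour window, the threshold of 8 IPs and the sample lines are all assumptions constructed for the example; an access log cannot tell failed logins from successful ones, so the threshold has to sit above the forum's normal login rate.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

# Assumed Apache combined-log prefix: ip ident user [time] "METHOD URI ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def login_posts(lines):
    """Yield (time, ip) for each POST to index.php?action=login2."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group(3) == "POST" and "action=login2" in m.group(4):
            yield datetime.strptime(m.group(2), TS_FMT), m.group(1)

def per_ip_offenders(lines, limit=5):
    """Per-IP lockout view: IPs with more than `limit` login POSTs."""
    hits = Counter(ip for _, ip in login_posts(lines))
    return sorted(ip for ip, n in hits.items() if n > limit)

def distributed_bursts(lines, window=timedelta(hours=1), min_ips=8):
    """Alert when >= min_ips distinct IPs POST to login2 within `window`."""
    recent, alerts = deque(), []
    for when, ip in login_posts(lines):
        recent.append((when, ip))
        while when - recent[0][0] > window:
            recent.popleft()          # drop events older than the window
        ips = {i for _, i in recent}
        if len(ips) >= min_ips:
            alerts.append((recent[0][0], when, len(ips)))
            recent.clear()            # start a fresh window after alerting
    return alerts

def sample_log():
    """Constructed sample: 12 login POSTs, 4-8 min apart, one IP each, plus one GET."""
    t = datetime.strptime("19/Feb/2011:10:00:00 +0000", TS_FMT)
    lines = ['198.51.100.7 - - [19/Feb/2011:09:58:00 +0000] "GET /index.php HTTP/1.1" 200 5120']
    for n, gap in enumerate([4, 6, 8, 5, 7, 4, 6, 8, 5, 7, 4, 6]):
        t += timedelta(minutes=gap)
        lines.append(f'203.0.113.{n + 10} - - [{t.strftime(TS_FMT)}] '
                     '"POST /index.php?action=login2 HTTP/1.1" 200 3012')
    return lines

if __name__ == "__main__":
    log = sample_log()
    print("per-IP offenders:", per_ip_offenders(log))
    for start, end, n in distributed_bursts(log):
        print(f"{n} distinct IPs hit login2 between {start:%H:%M} and {end:%H:%M}")
```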

Offline butchs

Re: password incorrect errors
« Reply #122 on: February 19, 2011, 04:37:10 PM »
Understood, you were looking at a log and were unable to capture the string.  Nevertheless, good work stopping it.

PM will be sent soon.

Offline Arantor

Re: password incorrect errors
« Reply #123 on: February 19, 2011, 04:41:40 PM »
Yes, I was looking at some custom logs, which I'd written myself ;) Which included a lot more than normal, not least all of the contents of $_SERVER, apache_request_headers() and a few other things, though I gave limited logging to others.

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,313
  • Blue Wolf
Re: password incorrect errors
« Reply #124 on: February 19, 2011, 04:43:13 PM »
Please see, for further information and options,
Simple Machines Forums attacks

butchs, I appreciate any information you could give about the specific pattern of the attack on your forum.
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github

Offline butchs

Re: password incorrect errors
« Reply #125 on: February 19, 2011, 04:53:12 PM »
Pattern of attacks?  I covered all the ones I know with my mod.

Offline butchs

Re: password incorrect errors
« Reply #126 on: February 19, 2011, 08:35:22 PM »
lethal-danger, can you please repost your questions over at the Forum Firewall support board before I get into any more trouble with Norv?  His cat looks meaner than mine...   :-\

Offline Norv

Re: password incorrect errors
« Reply #127 on: February 19, 2011, 08:49:55 PM »
LOL, I can fix that. :D

Though for now, I like it!