Posible attack

Reply·Subscribe
jimie
jimieAdvanced
197 posts
0
 

Variable: REQUEST.DescriptionMe.0 | Value: dUhdf4  <a href=\"http://chvfhpajumok.com/\">

chvfhpajumok</a>, [url=http://gjynrfihfkja.com/]gjynrfihfkja[/url], [link=http://emmpngkszjmm.com/]emmpngkszjmm[/link], http://fgjcequghjuz.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61

Variable: REQUEST.DescriptionMe.1 | Value: dUhdf4  <a href=\"http://chvfhpajumok.com/\">chvfhpajumok</a>, [url=http://gjynrfihfkja.com/]gjynrfihfkja[/url], [link=http://emmpngkszjmm.com/]emmpngkszjmm[/link], http://fgjcequghjuz.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61

Variable: POST.DescriptionMe.0 | Value: dUhdf4  <a href=\"http://chvfhpajumok.com/\">chvfhpajumok</a>, [url=http://gjynrfihfkja.com/]gjynrfihfkja[/url], [link=http://emmpngkszjmm.com/]emmpngkszjmm[/link], http://fgjcequghjuz.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61

Variable: POST.DescriptionMe.1 | Value: dUhdf4  <a href=\"http://chvfhpajumok.com/\">chvfhpajumok</a>, [url=http://gjynrfihfkja.com/]gjynrfihfkja[/url], [link=http://emmpngkszjmm.com/]emmpngkszjmm[/link], http://fgjcequghjuz.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61
Centrifuge detection data  Threshold: 3.49  Ratio: 1.2543859649123

REMOTE_ADDR: 98.214.0.233
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /var/www/htdocs/join.php
QUERY_STRING:
REQUEST_URI: http://maiwebsite.com/join.php
QUERY_STRING:
SCRIPT_NAME: join.php
PHP_SELF: join.php
Quote · 12 Dec 2009
mauricecano
mauricecanoPremium
1327 posts
0
 

Show and tell??  Seriously what do you want with this?  Are you trying something and it didn't work?  Are your users having issues posting links? Did this just appear randomly and you don't konw what it is?  You really need to put some explination here, otherwise it's just as useful as typing a topic for "Need HELP NOWW!!!!" without any explination.

Now looking at the code someone tried to join y our site and tried inserting those values somewhere in one of the fields on a join form.  Likely a spammer was trying to signup and spam their crap.

Oh you will have a ton more spams if that is your real site url, they do crawl these forums trying to find site names, edit your post.

Quote · 12 Dec 2009
jimie
jimieAdvanced
197 posts
0
 

I recived this on my email i dont know why

Quote · 12 Dec 2009
mauricecano
mauricecanoPremium
1327 posts
0
 

Then say that, just don't post it without anything else

A spammer tried signing up and placing those links in their "descriptionme" so they can spam you users.  System did its job and prevented the user from joining and having those links.  Not every PA is an error with the system, sometimes it is doing what it was designed to do.

Quote · 12 Dec 2009
jimie
jimieAdvanced
197 posts
0
 

Grate job then :) i didn`t knew about this

Quote · 12 Dec 2009
Reply ›
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Knowledge Base
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd