MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > Concerned about possible URL hack
Full Version: Concerned about possible URL hack
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Pilo

2009-04-12, 12:59 AM
Hi, for a while now, I have been noticing different people trying to access the same, strange looking URL. I think it may be some type of hack attempt as my analytics program shows these people are from countries such as Russia, Ukraine, Korea and Argentina. Countries that normally don't visit my site.This is what the URL always is:

http://www.mydomain.net/%255c%2522http:/...tpw%25255C

The URL isn't showing fully but if you open it up you can see that the last part is targeting my forum which is in a sub-directory. For obvious reasons, I have changed my actual domain name.

For EVERY attempt at this URL, my analytics program shows the person receiving exactly FOUR 404 error pages and then leaving.

I have the latest version of MyBB, 1.4.4. Not sure whether I should be concerned about this or whether there's anything I can or should be doing.

It would be nice if I could put something in my .htaccess file that detects if my domain is repeated in the URL and then redirects them someplace else.

x_Stricken_x

2009-04-12, 01:01 AM
It looks like just an error, not a hacking attempt. Unless their that stupid of hackers, they wouldn't access it with URLs like that as they don't want to leave a trace.

Pilo

2009-04-12, 01:56 AM
It seems like a hack attempt to me but I may be wrong. Another program which I have was hacked a couple of weeks ago so I think they're all back for round two. I have a feeling they won't have the same success with MyBB.

Joshua Mayer

2009-04-12, 02:53 AM
(2009-04-12, 01:56 AM)Pilo Wrote: [ -> ]It seems like a hack attempt to me but I may be wrong. Another program which I have was hacked a couple of weeks ago so I think they're all back for round two. I have a feeling they won't have the same success with MyBB.

If it is a hacking attempt I wouldn't worry because MyBB has no known exploits. Also if there was an exploit Labrocca would know and report it because he runs Hack Forums.

Pilo

2009-04-12, 03:29 AM
Thanks, I feel confident now that they're just wasting their time. I'll try to stop worrying.

ghazal

2009-04-12, 03:23 PM
oO. Is this be happening right out there ?

Tomm M

2009-04-12, 04:57 PM
(2009-04-12, 02:53 AM)Joshua Mayer Wrote: [ -> ]If it is a hacking attempt I wouldn't worry because MyBB has no known exploits.

That's true Smile MyBB 1.4.4 has no known security vulnerabilities at the moment.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > Concerned about possible URL hack