MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Attempted hacking to get the admin's password?!
Full Version: Attempted hacking to get the admin's password?!
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

Renegader

2011-04-20, 01:47 AM
Different IP, probably was someone here. lol.

lecteur

2011-04-20, 02:30 AM
Lol nice try...

try to use : whois.domaintools.com to locate users and you can probably ban ip or all country ip

i made a tuto (in french) to how generate all country ip and ban them from htaccess.

The Tuto : http://www.geekiano.com/thread-1543.html

The site to find ip range is (this site generate also the htacces code) : http://www.find-ip-address.org/ip-country/


Exemple for Bahamas :

deny from 24.51.64.0 - 24.51.127.255
deny from 24.206.0.0 - 24.206.31.255
deny from 24.231.32.0 - 24.231.63.255
deny from 24.244.128.0 - 24.244.170.255
deny from 24.244.171.255 - 24.244.191.255
deny from 46.36.194.40 - 46.36.194.50
deny from 63.245.112.0 - 63.245.127.255
deny from 64.66.0.0 - 64.66.15.255
deny from 64.69.79.0 - 64.69.79.127
deny from 64.150.192.0 - 64.150.255.255
deny from 65.75.64.0 - 65.75.127.255
deny from 65.198.208.0 - 65.198.215.255
deny from 65.243.100.0 - 65.243.103.255
deny from 66.11.157.160 - 66.11.157.175
deny from 66.205.23.0 - 66.205.23.255
deny from 69.4.160.0 - 69.4.175.255
deny from 69.56.58.72 - 69.56.58.87
deny from 69.56.58.96 - 69.56.58.103
deny from 69.56.59.104 - 69.56.59.111
deny from 69.79.28.0 - 69.79.31.255
deny from 69.79.120.0 - 69.79.120.255
deny from 69.79.124.0 - 69.79.127.255
deny from 72.3.163.152 - 72.3.163.159
deny from 72.3.173.208 - 72.3.173.215
deny from 72.3.174.112 - 72.3.174.183
deny from 72.9.146.120 - 72.9.146.127
deny from 72.252.113.0 - 72.252.113.255
deny from 84.22.98.8 - 84.22.98.31
deny from 93.92.47.0 - 93.92.47.255
deny from 108.60.224.0 - 108.60.255.255
deny from 199.102.188.0 - 199.102.191.255
deny from 204.236.64.0 - 204.236.127.255
deny from 206.66.85.0 - 206.66.85.255
deny from 206.138.16.0 - 206.138.31.255
deny from 208.87.32.0 - 208.87.39.255
deny from 208.196.155.0 - 208.196.155.255
deny from 208.246.140.0 - 208.246.143.255
deny from 209.61.129.240 - 209.61.129.255
deny from 209.88.136.0 - 209.88.141.255
deny from 209.169.36.224 - 209.169.36.239
deny from 216.72.237.0 - 216.72.237.255
deny from 216.137.0.0 - 216.137.15.255
deny from 216.187.66.224 - 216.187.66.239
deny from 217.172.49.32 - 217.172.49.63
deny from 217.199.32.168 - 217.199.32.175


PS: And sorry for my english Sad

enhu

2011-04-20, 06:26 AM
lolz nice. i must install this mod. thanks for the info guys.

Nathan Malcolm

2011-04-20, 06:54 AM
(2011-04-20, 02:30 AM)lecteur Wrote: [ -> ]Lol nice try...

try to use : whois.domaintools.com to locate users and you can probably ban ip or all country ip

Wait, wait, wait. Your saying ban the country because they tried to hack a forum? Every country has hackers that attack sites everyday, banning millions of potential users because of one stupid person is ridiculous.

Unless lots of users from a certain country attack your site continuously, there is no need to do this.

Sector

2012-05-06, 09:43 PM
(2011-04-20, 12:39 AM)Solidus Wrote: [ -> ]
(2011-04-20, 12:31 AM)Renegader Wrote: [ -> ]Is he trying to sql inject or something?

Yes, and has failed badly. No variable, no double dash.

I'm sorry to resurrect this thread but I've come across with this. What does it mean "double dash" ??

Nathan Malcolm

2012-05-06, 09:57 PM
(2012-05-06, 09:43 PM)Sector Wrote: [ -> ]
(2011-04-20, 12:39 AM)Solidus Wrote: [ -> ]
(2011-04-20, 12:31 AM)Renegader Wrote: [ -> ]Is he trying to sql inject or something?

Yes, and has failed badly. No variable, no double dash.

I'm sorry to resurrect this thread but I've come across with this. What does it mean "double dash" ??

A double dash (--) in a query basically ends the query there. So what ever is before the double dash is executed, but not after.

brad-t

2012-05-06, 10:07 PM
hahaha that log is hilarious

GunnerAIO

2012-05-06, 10:32 PM
(2012-05-06, 09:57 PM)Nathan Malcolm Wrote: [ -> ]A double dash (--) in a query basically ends the query there. So what ever is before the double dash is executed, but not after.

I take it there is no way for a user to inject this in 1.6.7?

Nathan Malcolm

2012-05-06, 10:38 PM
(2012-05-06, 10:32 PM)GunnerAIO Wrote: [ -> ]
(2012-05-06, 09:57 PM)Nathan Malcolm Wrote: [ -> ]A double dash (--) in a query basically ends the query there. So what ever is before the double dash is executed, but not after.

I take it there is no way for a user to inject this in 1.6.7?

Is there was any known vulnerability in MyBB as risky as SQL injection, we'd release a patch within hours. We're very fast at patching security issues.

Sector

2012-05-06, 11:28 PM
Nice! no reason to be alarmed, then. Thanks!
Pages: 1 2 3
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Attempted hacking to get the admin's password?!