He is trying to hack my site too. Not cool.
known bug Galen, he is probably been keeping up with all the bugs on here and is exploiting them.
we know dude, theres always a bad lot in all society's and cultures.
maybe we should compile a list of Ip's hes trying to use then ban them all,
ok just so im in the know on this
what exactly is this meatstick i mean kid exploiting?
He is trying to use MySQL/Php commands as the username. So, for instance, each query for getting the "command" username would return system variables or cause a specific result. Such as the "die" attempt mentioned.
MyBB didn't even balk when the guy registered at my site, since it handled the username properly.
I'm personally banning each script-kiddy IP I find in this thread.
If you run MyBB 1.1.3 you are protected from this exploit.
Continue to ban the IP addresses and delete the users if you wish.
MyBB 1.1.2 was protected from the attack as well. At least upon my board it was.