PDA

View Full Version : Tora! Tora! Tora! - Tech Notice



BobZag
12-28-2012, 10:43 AM
There was an attack against the GU Boards yesterday- 17 SQL injection attempts against the site listed as "successful" in WebDefend. My analysis of the transaction and further research of the attack details indicate that we are immune to this particular attack. (http://packetstormsecurity.org/files/103197/vBulletin-Search-UI-SQL-Injection.html)



The IP address used was 208.76.54.2 , the SQL string was:

do=process?do=process&quicksearch=1&childforums=1&exactname=1&securitytoken=guest&query=1&showposts=0&showposts=1&id=-1'



Let us know if you see anything odd on the site; the logs indicate this occurred at 7:32 p.m., without any effect. The S-R techs noticed that the time settings are starting to drift again, so be advised that we'll be working on that again as well.

GoGU
12-28-2012, 10:54 AM
Nice try, St. Mary's.

zagzilla
12-28-2012, 10:55 AM
Last week something bad happened to godisagael. Page load redirected to a porn site and after that my browser warned me that their site was unsafe so I bailed. Haven't gone back since.

Guess the S/R folks have better security than them. Thanks!

ZZ

Martin Centre Mad Man
12-28-2012, 11:01 AM
Last week something bad happened to godisagael. Page load redirected to a porn site and after that my browser warned me that their site was unsafe so I bailed. Haven't gone back since.

ZZ

It could have been worse. At least it didn't send you to the Bleacher Report and/or Dons Central.

sittingon50
12-28-2012, 11:23 AM
Barechested pics of Omar are considered porn?

MDABE80
12-28-2012, 11:57 AM
I'm thinking something about 80 miles west of SMC.

primal23
12-28-2012, 12:08 PM
IP is from Miami FL, Netrouting ISP.

Martin Centre Mad Man
12-28-2012, 02:15 PM
Barechested pics of Omar are considered porn?

I did see some game pics of Samhan in the Foo under the "More Boobs" category.

CaliforniaZaggin'
12-28-2012, 02:41 PM
I'm thinking something about 80 miles west of SMC.

The Pacific Ocean did this? ;)

Oregonzagnut
12-28-2012, 04:17 PM
SPAM bot. comment spammer that basically can comment posts automatically and in every thread.

Looks like that SPAM crook got put down like Baylor will tonight.

75Zag
12-28-2012, 04:20 PM
I would be a likely prime suspect if I knew what an "SQL injection attempt" was. Sounds like something you do with a squirrel and a needle.

Go Bulldogs!

FieldHouseFishHouse
12-28-2012, 08:27 PM
I'm thinking something about 80 miles west of SMC.

It was the whaels.

MDABE80
12-28-2012, 09:03 PM
Some sick pervs in that neck of the woods. Would do nearly anything to scew this board up. Some well known. No matter.....we won. Not to dwell on it.