Announcement

Collapse
No announcement yet.

hacking attempt on p3tz via dbase? did this harm anything?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • hacking attempt on p3tz via dbase? did this harm anything?

    i got 100+ mysql errors in less then 10 seconds all with the following;
    i have a feeling someone tried to steal admin password with it.
    could you see if it worked? nothing weird is seeable at the site

    thanks

    ===============


    Database error in vBulletin 3.6.5:

    Invalid SQL:
    SELECT
    i.id AS id, u.userid AS userid, u.usergroupid AS usergroupid,
    u.membergroupids AS membergroupids
    FROM petz_inventory AS i
    LEFT JOIN user AS u ON (i.userid = u.userid)

    WHERE i.id='9995681' union SELECT 666,666 FROM user WHERE userid='1' and(ascii(substring(password,18,1))=48)/*';


    MySQL Error : The used SELECT statements have a different number of columns
    Error Number : 1222

    Date : Wednesday, March 14th 2007 @ 12:11:05 AM
    Script : http://www.bunnybunch.nl/community/petz.php?do=stealitem&id=9995681\'+union+SELECT+666,666+FROM+user+WHERE+userid=\'1\'+and(a scii(substring(password,18,1))=48)/*

    - Tekst uit oorspronkelijke bericht niet weergeven -
    Referrer :
    IP Address :
    81.52.162.111
    Username : Niet geregistreerd
    Classname : vb_database

  • #2
    This is a modification to vBulletin "vBPetz" and we can't provide support for this. Just assume that they've hacked you and change all your passwords. And go through all these steps:
    Sticky: How To Make My Forums More Secure

    Comment


    • #3
      Allrighty i will, i know you cant provide support, but i hoped you guys could give me insight if it was indeed a scripted hacking attempt (by looking at the strings in the error) or if it was something harmless and by accident?

      thanks!

      Comment


      • #4
        If that's the output: Then I have to guess no.

        Comment


        • #5
          Thought so, since i havent had a vb database error in months.

          I'll have this checked by the mods of p3tz aswell, thanks for your support!

          Comment

          Loading...
          Working...
          X