Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.20.00 - All Issues
Author Message
blith
Client



Joined: Jul 18, 2003
Posts: 977

PostPosted: Tue Jul 29, 2008 7:29 am Reply with quote

Please tell me if this is bad?

Code:
Date & Time: 2008-07-28 02:26:42 CDT GMT -0500 Blocked IP: 87.118.70.5 User ID: Anonymous (1)

Reason: Abuse-Script
--------------------
User Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.2b) Gecko/20021001 Phoenix/0.2 Query String: [ Only registered users can see links on this board! Get registered or login! ]
Get String: [ Only registered users can see links on this board! Get registered or login! ] Result: registered (registering only mode is ON); Post String: [ Only registered users can see links on this board! Get registered or login! ] Forwarded For: none Client IP: none Remote Address: 87.118.70.5 Remote Port: 4991 Request Method: GET
--------------------
Who-Is for IP
 
View user's profile Send private message Visit poster's website
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Tue Jul 29, 2008 11:12 am Reply with quote

Someone is running what looks like a malfunctioning probe/attack script against you. I get these all the time.

_________________
GCalendar - An Event Calendar for PHP-Nuke
Member_Map - A Google Maps Nuke Module 
View user's profile Send private message
blith







PostPosted: Tue Jul 29, 2008 12:19 pm Reply with quote

Gremmie wrote:
Someone is running what looks like a malfunctioning probe/attack script against you. I get these all the time.


Thank you. It is nice that Sentinel caught it! RavensScripts My question is I do not have script blocking writing to htaccess like all the others. Should I be instantly and permabanning Abuse-Script?
 
blith







PostPosted: Tue Jul 29, 2008 3:49 pm Reply with quote

Well, now I am kind of confused. After looking at this it almost seems as if people are trying to register. I just received another one:
Code:
User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16 Query String: [ Only registered users can see links on this board! Get registered or login! ]

Get String: [ Only registered users can see links on this board! Get registered or login! ] Result: registered (registering only mode is ON); Post String: [ Only registered users can see links on this board! Get registered or login! ] Forwarded For: none Client IP: none Remote Address: 12.201.65.188 Remote Port: 63457 Request Method: GET

Can it be that prevelant that people are trying to hack or ar they trying to register?
 
Gremmie







PostPosted: Tue Jul 29, 2008 4:40 pm Reply with quote

No one who was legitimately trying to register would concoct such a GET string. Anyone registering would do it via POST.

BTW, I accidently clicked on the above and got blocked/banned from your site. Smile
 
evaders99
Former Moderator in Good Standing



Joined: Apr 30, 2004
Posts: 3221

PostPosted: Tue Jul 29, 2008 9:35 pm Reply with quote

Basically its a spam robot. They register an account, they spam your comments/forums for their junk. You should feel free to ban that IP

_________________
- Star Wars Rebellion Network -

Need help? Nuke Patched Core, Coding Services, Webmaster Services 
View user's profile Send private message Visit poster's website
blith







PostPosted: Wed Jul 30, 2008 7:21 am Reply with quote

Thank you both very much! I am at ease now.
Gremmie I will fix that in case I need you in the future Wink
 
Gremmie







PostPosted: Wed Jul 30, 2008 7:30 am Reply with quote

But evaders99, what's up with the op variable? Why would they include all that "Result: registered ..." crap in there? That makes me think their script is horked.
 
warren-the-ape
Worker
Worker



Joined: Nov 19, 2007
Posts: 196
Location: Netherlands

PostPosted: Wed Jul 30, 2008 8:01 am Reply with quote

Gremmie wrote:
BTW, I accidently clicked on the above and got blocked/banned from your site. Smile


Yep, roflll did the same yesterday Embarassed Laughing (I have a dutch IP Wink)
 
View user's profile Send private message
evaders99







PostPosted: Wed Jul 30, 2008 11:48 am Reply with quote

Their script is "horked" Smile
 
Gremmie







PostPosted: Wed Jul 30, 2008 12:09 pm Reply with quote

evaders99 wrote:
Their script is "horked" Smile


They sure run the d*** thing a lot, judging by the amount of times I see it each week. Don't they notice it isn't working? Laughing Oh well, have fun with that kiddies!
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.20.00 - All Issues

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©