Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
izone
Involved
Involved


Joined: Sep 07, 2004
Posts: 354
Location: Sweden

PostPosted: Tue Oct 12, 2004 3:31 pm Reply with quote

Hi!

I've both Sentinel and Admin Secure on my site. A friend of mine got hacked for a few minutes ago (he has Sentinel).

In my site:

When I looked at my Admin Secure log I can see a user tried to send this code to the site (I think to MySql):

Code:


user|=|MjM6aXJhbnRyYWluaW5nOmYxNGNiNjYxOTJlNWI3NGUwYTJmZDY5NTc1ZTlhZDY0OjEwOjowOjA6MDowOjo0MDk2|<|phpbb2mysql_data|=|a:2:{s:11:"autologinid";s:0:"";s:6:"userid";s:2:"23";}|<|
phpbb2mysql_data|=|a:2:{s:11:"autologinid";s:0:"";s:6:"userid";s:2:"23";}|<|


Could it be a try to hack?

I've gott no message from Sentinel or Admin Secure about trying to hack.
Please help.
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sat Nov 06, 2004 9:20 pm Reply with quote

Was this sent in the URL? Can you post the exact log entry from your server log?
 
View user's profile Send private message
VinDSL
Life Cycles Becoming CPU Cycles


Joined: Jul 11, 2004
Posts: 614
Location: Arizona (USA) Admin: NukeCops.com Admin: Disipal Designs Admin: Lenon.com

PostPosted: Mon Nov 08, 2004 4:32 am Reply with quote

izone wrote:
Code:


user|=|MjM6aXJhbnRyYWluaW5nOmYxNGNiNjYxOTJlNWI3NGUwYTJmZDY5NTc1ZTlhZDY0OjEwOjowOjA6MDowOjo0MDk2|

Could it be a try to hack?

Hrm... interesting!

Decoded:

Code:
user|=|23:irantraining:f14cb66192e5b74e0a2fd69575e9ad64:10::0:0:0:0::4096|


If I was to guess, I would say it's a phpBB cookie for irantraining.com from a user named: kayzer.

_________________
.:: "The further in you go, the bigger it gets!" ::.
.:: Only registered users can see links on this board! Get registered or login! | Only registered users can see links on this board! Get registered or login! ::. 
View user's profile Send private message Visit poster's website ICQ Number
izone
PostPosted: Wed Nov 10, 2004 9:07 am Reply with quote

Thank you Raven and vinDSL.

It was a time ago I wrote this topic. Some of my friends sites was under attack and I was worry about mine. I found this in Admin Secure log and didn't know what it is.

But Raven helped me to find out that hackers came in from Gallery.

Thanks anyway.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©