View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000199 | Composr | recommend | public | 2010-07-29 16:25 | 2016-01-11 04:26 |
| Reporter | Guest | Assigned To | Chris Graham | ||
| Severity | Feature-request | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0000199: Spam originating from unknown IP adress: unknown.0.0.0 | ||||
| Description | My website running version 4.3.2 gave me a really weird spam-message. Note the weird originating IP address. A potential hacking attempt has been detected. Please do not be alarmed: approximately half of the suspected attempts are triggered innocently (the software intentionally has a paranoid security model, to give you very high security). Real hacking attempts are almost always caused by 'bots' (computer programs) that automatically crawl the internet looking for websites which may contain vulnerabilities, and then reporting any found vulnerabilities to their 'master' for future exploitation (usually, to assist in spam relaying). If this was a real hack attempt, it has failed - you might want to try and analyse the logged details (in case it gives clues to a real and persistant offender). More information on security is given in the software documentation. Reason: Tried to post spam links IP address: unknown.0.0.0 Member ID: 1 Username: Guest User Agent (typically, the web browser): Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Referrer: Recommend to a friend - Airsoftkempen.be Operating System: Windows NT 5.1; SV1 Date and time: 10:00 AM URL: /index.php?page=recommend&type=actual&from=http%3A%2F%2Fwww. airsoftkempen.be%2Findex.php%3Fpage%3Dkeymap&filtered=1 2031697 POST data… Code comcode__message => 1 name => sgerrt require__name => 1 recommender_email_address => rruxzu@gwesis.com require__recommender_email_address => 1 email_address_0 => rruxzu@gwesis.com label_for__email_address_0 => Your friend's e-mail address email_address_1 => rruxzu@gwesis.com label_for__email_address_1 => Your friend's e-mail address email_address_2 => rruxzu@gwesis.com label_for__email_address_2 => Your friend's e-mail address email_address_3 => rruxzu@gwesis.com label_for__email_address_3 => Your friend's e-mail address email_address_4 => rruxzu@gwesis.com label_for__email_address_4 => Your friend's e-mail address email_address_5 => rruxzu@gwesis.com label_for__email_address_5 => Your friend's e-mail address email_address_6 => rruxzu@gwesis.com label_for__email_address_6 => Your friend's e-mail address email_address_7 => rruxzu@gwesis.com label_for__email_address_7 => Your friend's e-mail address email_address_8 => rruxzu@gwesis.com label_for__email_address_8 => Your friend's e-mail address email_address_9 => rruxzu@gwesis.com label_for__email_address_9 => Your friend's e-mail address require__email_address_ => 1 label_for__upload => » Upload require__upload => 0 subject => wtVyZmkAeehPtjTJqJ require__subject => 1 message => XmoxEf <a href="http://eelvjqqhgvon.com/">eelvjqqhgvon</a>, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/ message_parsed => XmoxEf <a href="http://eelvjqqhgvon.com/">eelvjqqhgvon</a>, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/ label_for__security_image => Security image security_image => yHFtfgxFjdMqM require__security_image => 1 If you believe this suspected hack attempt is neither correct nor benign, but rather actually represents a substantial stability problem in the website software, read the information below. Otherwise, do not read on. Below is a stack trace revealing the state the software was in when the error occurred. If this represents a bug in the unmodified software, you may want to check Composr website for a fix, and if there isn't one, report this as a bug. Please note that merely posting a stack trace is not sufficient for us to solve your problem; the stack trace is just an aid that presents us with additional information. We still need to know the error message, what you tried to do, how you tried to do it, version numbers, and any other appropriate information. We apologise for this problem and if it's a bug we hope you will work with us so that we can fix it for you promptly. File '/home/airsoftk/public_html/sources/failure.php' Line '359' Function 'get_html_trace' Args File '/home/airsoftk/public_html/sources/global2.php' Line '875' Function '_log_hack_attack_and_exit' Args 'LAME_SPAM_HACK' 'XmoxEf http://eelvjqqhgvon.com/, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/' '' File '/home/airsoftk/public_html/sources/input_filter.php' Line '31' Function 'log_hack_attack_and_exit' Args 'LAME_SPAM_HACK' 'XmoxEf http://eelvjqqhgvon.com/, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/' File '/home/airsoftk/public_html/sources/global2.php' Line '1,289' Function 'check_posted_field' Args 'message' 'XmoxEf http://eelvjqqhgvon.com/, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/' File '/home/airsoftk/public_html/sources/global2.php' Line '1,187' Function '__param' Args array ( 'comcode__message' => '1', 'name' => 'sgerrt', 'require__name' => '1', 'recommender_email_address' => 'rruxzu@gwesis.com', 'require__recommender_email_address' => '1', 'email_address_0' => 'rruxzu@gwesis.com', 'label_for__email_address_0' => 'Your friend\'s e-mail address', 'email_address_1' => 'rruxzu@gwesis.com', 'label_for__email_address_1' => 'Your friend\'s e-mail address', 'email_address_2' => 'rruxzu@gwesis.com', 'label_for__email_address_2' => 'Your friend\'s e-mail address', 'email_address_3' => 'rruxzu@gwesis.com', 'label_for__email_address_3' => 'Your friend\'s e-mail address', 'email_address_4' => 'rruxzu@gwesis.com', 'label_for__email_address_4' => 'Your friend\'s e-mail address', 'email_address_5' => 'rruxzu@gwesis.com', 'label_for__email_address_5' => 'Your friend\'s e-mail address', 'email_address_6' => 'rruxzu@gwesis.com', 'label_for__email_address_6' => 'Your friend\'s e-mail address', 'email_address_7' => 'rruxzu@gwesis.com', 'label_for__email_address_7' => 'Your friend\'s e-mail address', 'email_address_8' => 'rruxzu@gwesis.com', 'label_for__email_address_8' => 'Your friend\'s e-mail address', 'email_address_9' => 'rruxzu@gwesis.com', 'label_for__email_address_9' => 'Your friend\'s e-mail address', 'require__email_address_' => '1', 'label_for__upload' => ' » Upload', 'require__upload' => '0', 'subject' => 'wtVyZmkAeehPtjTJqJ', 'require__subject' => '1', 'message' => 'XmoxEf http://eelvjqqhgvon.com/, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/', 'message_parsed' => 'XmoxEf http://eelvjqqhgvon.com/, [url=http://pmkvppxofrgj.com/]pmkvppxofrgj[/url], [link=http://iohiicrkaayo.com/]iohiicrkaayo[/link], http://iyzfwaurocwg.com/', 'label_for__security_image' => 'Security image', 'security_image' => 'yHFtfgxFjdMqM', 'require__security_image' => '1',) 'message' false false true | ||||
| Tags | No tags attached. | ||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
