PDA

View Full Version : Strange PM



davesnow
November 29th, 2013, 02:22 PM
I got this PM message from user doguscafe. I don't know what it means:


if (&l036;row[&l039;user_id&l039;] != cookies)
&l123;
&l036;sql = &l039;UPDATE &l039; . USERS_TABLE . &l039;
SET user_login_tries = user_login_tries + 1, user_last_login_try = &l039; . time() . &l039;
WHERE user_id = &l039; . &l036;row[&l039;user_id&l039;];
&l036;db->sql_query(&l036;sql);
}

`

shaneturner12
November 29th, 2013, 02:33 PM
I recognise that kind of code - it's a mixture of PHP and SQL, both coding languages.

Looking at it, the moderators may need to see that one (and possibly N3V as well) as it appears to be potentially dodgy code.

Shane

JCitron
November 29th, 2013, 03:04 PM
That definitely "doggy" code. Forward the PM to Zec Murphy and Cratey.

John

oknotsen
November 29th, 2013, 03:44 PM
Looks like a failed hack attempt, trying to exploit a (apparently fixed) bug in the forum software.

shaneturner12
November 29th, 2013, 03:48 PM
That's my concern as well. Hopefully either Zec or Cratey can sort it fairly soon (even though it's a weekend in Oz) in case a working version crops up.

Shane

Bluewater
November 29th, 2013, 04:47 PM
Could this be someone specifically targeting this certain forum or would this affect all vBulletin forums?

JCitron
November 29th, 2013, 04:50 PM
Could this be someone specifically targeting this certain forum or would this affect all vBulletin forums?

This is possible if they aren't patched. There have been updates to the forum software, which apparently stopped this one if this was a hack.

I recommend should anyone receive anymore of these PMs, that they report them to the helpdesk immediately.

John

shaneturner12
November 29th, 2013, 04:54 PM
Agreed. It's an issue that N3V need to be aware of, in case it's something that's not very well known. It's kind of lucky that my forum is not powered by VBulletin so probably wouldn't be affected by that (although it would soon be caught anyway).

I'm hoping that N3V do post something here regarding this issue, as we have no idea who else may have been sent this, and through other checks, the user has not posted any posts, and does not state a location in their Planet Auran profile.

Shane

matruck
November 29th, 2013, 05:21 PM
Dave's been contacted by Aliens :eek:, Quick everybody run for the hills and don't go near him unless you are wearing tin foil wrapped around your head ROFL. Your special now Dave.
Cheers Mick.:hehe:

domsarto
November 29th, 2013, 05:39 PM
You should note too, that this message came from a DOG in a US CAFE so possibly too much caffeine.

davesnow
November 29th, 2013, 06:04 PM
I'm not at my computer right now so I can't forward this PM to anyone

matruck
November 29th, 2013, 06:19 PM
I'm not at my computer right now so I can't forward this PM to anyone
How do we really know this is the real Dave Snow and not the Alien abducted Dave Snow Dave ?. LOL sorry i can't help it Dave.
Cheers Mick.:wave:

clam1952
November 29th, 2013, 07:06 PM
There appear to have been a couple of attacks elsewhere on vBulletin forums in the last couple of weeks through user accounts. I agree with Shane that code looks decidedly dodgy.

davesnow
November 29th, 2013, 07:57 PM
That definitely "doggy" code. Forward the PM to Zec Murphy and Cratey.

John

Forwarded to both.



How do we really know this is the real Dave Snow and not the Alien abducted Dave Snow Dave ?. LOL sorry i can't help it Dave.
Cheers Mick.http://forums.auran.com/trainz/images/smilies/awave.gif

Aliens wouldn't want an old wore out guy like me! Haha

Cheers,

Dave

JCitron
November 29th, 2013, 08:10 PM
Thanks Dave. Let's hope the experts can take care of this for us.

John

justinroth
November 30th, 2013, 01:29 PM
Too much eggnog?