Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

An Attack from China?

I'm using the guest tracking panel from the skpacman.

On the 16 of juli 2012 with the ip-address: 114.227.10.78 the following url/uri's came in:

07:01:47: '/photogallery.php?album_id=6%20and%201=1%20and%20='
07:01:46: '/photogallery.php?album_id=6%20%61%6E%64%20%31%3D%32'
07:01:45: '/photogallery.php?album_id=6%20%61%6E%64%20%31%3D%31'
07:01:44: '/photogallery.php?album_id=6%20and%20char124%2Buser%2Bchar124=0%20and%20%25='
07:01:43: '/photogallery.php?album_id=6%20and%20char124%2Buser%2Bchar124=0'
07:01:41: '/photogallery.php?album_id=6%20and%20char124%2Buser%2Bchar124=0%20and%20='

The ip-address is from "Chinanet Jiangsu Province Network"... Ehh???
And looking at the time-table -just seconds-: Nobody can copy and past that fast...
It is a programm or robot working, crawling...

I checked up my database and with FTP my PHP-Fusion files on my providers root, checking out the file-dates on the 2012-07-16. Nothing did change...

==============
Tip against attacks:
Change the dates of all the PHP-Fusion-files once a month to that date. So all the files have the same date. If after that one file has another date, it is time to examine that file...
==============

So, I think the above was an attack, trying to corrupt my database...

But what nobody can tell me is what the codes in these url/uri's mean? What is that **** all about?

Like to hear some more...

Greetings,
Masy from the Netherlands
Any files/data-s changed?
We've had an attack from Romania. 640 files where changed on 13-11-2012 around 01.00 am...

Sinowal-malware.... No database hack...
i deleted photogallery.php, thankyou for the warning
Nothing suspicious, without correct logs.
Just do a block on China unless you really need Chinese visitors.
Thread Information
Author
Replies
6 posts
Views
2,335 times
Last Post
Last updated on 8 years ago
Related Threads
Hacker attack - Important
Started by
D
dooly - 3 posts
Spam Bots Attack!
Started by
D
Dudov - 5 posts
Spam Bot Attack Solutions
Started by Routh Routh - 2 posts
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: Martijn78, Craig, PolarFox, Geri, Masy