Jump to content

Archived

This topic is now archived and is closed to further replies.

puggybelle

Hack attempt - is there a way to prevent this?

Recommended Posts

1 hour ago, JcMagpie said:

Both blocked by server with 403 error page.

Not sure now as was able to bypass 403 with simple mod to ascii and hex. layout gets messed up both in shop and admin and ends up in db.

search  accepted input.  I would say not a big issue but for the fact that I see fake accounts every day. Jack's honey pot has them down to 5 or 6 per attack per day but they still get in. Here is a typical example, filtering them out is nearly imposiable as they use real email address which  clearly don't belong to them.

image.png.79db48a4e12fe56e8b0b1dae8d92a74c.png

image.png.6bf7b285cd2d3fe99bdc603da369f4f3.png

as did make account

image.png.fb59d3c5543ea874c52d519270bb153e.png

image.thumb.png.ccebba9ea63504c1996151db6f81bbf4.png

admin takes input and output the rubbish.

image.thumb.png.6901722a7a9b7255edab2cd3401843fb.png

as will the db,

image.thumb.png.2ae71e21003232b520a803146bdb9198.png


 

Share this post


Link to post
Share on other sites

×