pitofdarkness
Forum Replies Created
-
Forum: Everything else WordPress
In reply to: Strange comment posted with SQL inHave had a look at the post the comment was on and a couple of other posts, as well as the users, comments and options tables and couldn’t find anything odd. Also checked the .php files for my themes and no odd links there either.
Googling Gen Debrery now shows nearly 5000 WordPress-powered sites.
Maybe the idea is to try to SQL inject a comment so that the blog can be comment-spammed in future using that name if it has “Comment author must have a previously approved comment” enabled? (unsure if that would even work).
Forum: Everything else WordPress
In reply to: Strange comment posted with SQL inI have moderation on for all non-registered users (not that I expect many comments anyway as my blog is just me messing around writing and keeping a few friends up to date on my stuff) so it was sat in the moderation queue..
I looked in the Apache log for the IP address and found this additional oddness:
69.31.80.66 - - [24/Jan/2008:15:06:19 -0800] "POST /wp-trackback.php HTTP/1.0" 200 454 "-" "Python-urllib/1.17" 69.31.80.66 - - [24/Jan/2008:15:06:20 -0800] "GET /wp-trackback.php?p=207 HTTP/1.0" 200 438 "-" "Python-urllib/1.17" 69.31.80.66 - - [24/Jan/2008:15:06:21 -0800] "GET /wp-login.php?action=logout HTTP/1.0" 200 980 "-" "Python-urllib/1.17" 69.31.80.66 - - [24/Jan/2008:15:06:22 -0800] "POST /wp-trackback.php?p=207 HTTP/1.0" 200 397 "-" "Python-urllib/1.17" 69.31.80.66 - - [24/Jan/2008:15:06:23 -0800] "POST /wp-trackback.php?p=207 HTTP/1.0" 200 1098 "-" "Python-urllib/1.17" 69.31.80.66 - - [24/Jan/2008:15:06:24 -0800] "POST /wp-trackback.php?p=207 HTTP/1.0" 200 1098 "-" "Python-urllib/1.17"