Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
 All Forums
 Community Forums
 Community Discussions (All other subjects)
 Possible Hacker ?

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!
Before posting, make sure you have read this topic!

Screensize:
UserName:
Password:
Format Mode:
Format: BoldItalicizedUnderlineStrikethrough Align LeftCenteredAlign Right Horizontal Rule Insert HyperlinkInsert EmailInsert Image Insert CodeInsert QuoteInsert List
   
Message:

* HTML is OFF
* Forum Code is ON
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
   

T O P I C    R E V I E W
Webbo Posted - 07 November 2013 : 18:23:51
I had a look at my 'Active Users' tonight and found several 'Guests' viewing 'Admin Options', more specifically these links:

http://www.mysite.com/forum/post.asp?method=-1%27&forum_id=14
http://www.mysite.com/forum/post.asp?method=-1%27&forum_id=60
http://www.mysite.com/forum/post.asp?method=-1%27&reply_id=1613182&topic_id=163054&forum_id=14
http://www.mysite.com/forum/post.asp?method=-1%27&topic_id=163054&forum_id=14

Their IP addresses were all different, one being 200.215.99.145 which belongs to Brasil Telecommunications and another being 92.77.253.27 which belongs to a German ISP

As far as I'm aware all security fixes are in place and there has been no disruption, but is it something I need to be concerend about or just someone passing through ?
6   L A T E S T    R E P L I E S    (Newest First)
ruirib Posted - 09 November 2013 : 05:07:12
As I said it would :).
Webbo Posted - 08 November 2013 : 15:55:27
I've got one now and the link takes you to the default.asp page
ruirib Posted - 08 November 2013 : 03:57:38
Active Users is not really a good reference regarding who accesses what, since it does not determine who had access rejected because of permissions. I have also seen AU just stating Admin Options for other stuff, like the mod that allows draft creations and such.

IMO, it should be nothing to worry about, but try the links while being logged out and see what happens.
Webbo Posted - 08 November 2013 : 02:23:09
It's the first time I've seen such and they stayed 'active' for up to 2 hours then no more

Bobby, those links don't show when logged out and the 'admin options' only shows on my site when logged in and with admin status (ie mlev=4)

Rui, the links above haven't displayed properly, there was a reference to 'admin... ' in the link which seems to have been filtered out on here, hence the concern
ruirib Posted - 07 November 2013 : 19:24:39
This links do not seem to access admin options. Probably it's just the default info shown by Active Users?

Anyway, even when non authorized users try to access admin options, AU will show them trying, but they cannot actually access them.
bobby131313 Posted - 07 November 2013 : 18:54:53
Log out and see if the admin options, post reply, and new topic links are showing.

Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.05 seconds. Powered By: Snitz Forums 2000 Version 3.4.07