Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 The I've been hacked mod.		  New Topic  Topic Locked
 Printer Friendly
Next Page
Author Previous Topic Topic Next Topic
Page: of 3

foo
New Member

52 Posts
Posted - 08 May 2002 :  04:10:29  Show Profile
5/10/2002 - 1.1 available at: http://ozroot.com/forums/


Here is code to print and email (email is untested) the Time and IP address of attempted hackers. There's also some optional code to crash their browser if you like.

insert the following code:

if Instr(SearchName,"M_PASSWORD") Then
    strIP = Request.ServerVariables("REMOTE_ADDR")
    strTime = Now()
    strRecipientsName = "Admin"
    strRecipients = "admin@yourdomain.com"
    strFrom = "Hack Patrol"
    strFromName = "Hack Patrol"
    strFromAddress = "HackCheck@yourdomain.com"
    strSubject = "Got One"
    strMessage = strIP & " - " & strTime & vbcrlf
    response.write "<H1>" & strMessage 
    response.write "</H1><P>Your IP address and the current time "
    response.write "have been sent to the administrator."
%>
<!--#INCLUDE FILE="inc_mail.asp" -->
<%
    response.end
End If


into members.asp just before the line


srchUName = trim(chkString(Request("UserName"),"SQLString"))


This is in the middle of the security update and should be done after patching your code of course!

Feel free to insert the following code in place of the response.end. I haven't tested it on Netscape but it Crashes IE 5 very nicely.

code removed by HuwR, we are not vindictive, please do not post code which will cause someone elses PC to crash, this makes you as juvenile as the hackers

Tim Root
timr@bluedevils.org


Edited by - foo on 08 May 2002 10:26:48

Edited by - foo on 09 May 2002 15:33:57

Edited by - foo on 10 May 2002 19:29:41

foo
New Member

52 Posts
Posted - 08 May 2002 :  10:25:21  Show Profile
I can respect that. I wrote the code then decided against using it on my site for that reason. Be the better man and all that. Still, you could easily make a case that it's not juvenile or vindictive to stop them from accessing my site by crashing their browser once they've been identified as someone attempting to break in. Maybe I'll modify this mod to add hacker IP addresses to a blocked list.

-Tim
Go to Top of Page

Steve D.
Average Member

USA
640 Posts
Posted - 08 May 2002 :  10:33:05  Show Profile  Visit Steve D.'s Homepage  Send Steve D. a Yahoo! Message
Can you explain what this is doing?

----------------------------------------
Badges? We don't need no stinking badges
Go to Top of Page

foo
New Member

52 Posts
Posted - 08 May 2002 :  11:54:42  Show Profile
It looks at the search string for someone who is trying to rip off your passwords. If they are it sends you an email with the time and their IP address and displays a message that the administrator has been informed of the attempted hack.

Tim


P.S. The email code has been tested and works as advertised( I'm just using the existing forum mail code.)

Edited by - foo on 08 May 2002 11:56:51
Go to Top of Page

milki
Junior Member

Israel
320 Posts
Posted - 08 May 2002 :  13:09:11  Show Profile  Visit milki's Homepage  Send milki an ICQ Message
can you send it to my email !

krembo@012.net.il

and if some onr is doing me something rong i can do this to him !
if is an "hacker" he need a panisht ...

Edited by - milki on 08 May 2002 13:12:48
Go to Top of Page

T.G.K
Junior Member

Vietnam
347 Posts
Posted - 08 May 2002 :  13:13:31  Show Profile  Visit T.G.K's Homepage  Send T.G.K an AOL message  Send T.G.K an ICQ Message  Send T.G.K a Yahoo! Message
uhms i want to try it too :)

~~~~~~~~~~~~~~~~~~~~~~~~
Go to Top of Page

HandAble.com
Starting Member

15 Posts
Posted - 08 May 2002 :  14:59:31  Show Profile  Visit HandAble.com's Homepage
quote:


if Instr(SearchName,"M_PASSWORD") Then



Instr is case sensitive... I am not fully versed in ASP, is there a case insensitive version of this? ("m_password" would not be trapped by this).

----
http://HandAble.com
Go to Top of Page

nomad_2k
Junior Member

United Kingdom
173 Posts
Posted - 08 May 2002 :  15:10:59  Show Profile
Change it to

if Instr(SearchName,"M_PASSWORD", vbTextCompare) Then

this makes it case insensitive.


Good things come to those who wait.
http://www.freeasphost.co.uk/evolution/
Go to Top of Page

HandAble.com
Starting Member

15 Posts
Posted - 08 May 2002 :  16:18:17  Show Profile  Visit HandAble.com's Homepage
quote:

Change it to

if Instr(SearchName,"M_PASSWORD", vbTextCompare) Then

this makes it case insensitive.


Microsoft VBScript runtime error '800a000d'

Type mismatch: 'SearchName'

/forums/members.asp, line 67



----
http://HandAble.com
Go to Top of Page

HarshReality
Junior Member

USA
128 Posts
Posted - 08 May 2002 :  22:06:14  Show Profile  Visit HarshReality's Homepage  Send HarshReality an AOL message  Send HarshReality an ICQ Message  Send HarshReality a Yahoo! Message
Ok can somebody email me this, I am curious about how this was setup

Oh what wonders await we the ****ed in exile, for in a single act of rage I have slain what little humanity I have left and all that remains is the beast....
Go to Top of Page

johngo33
Starting Member

14 Posts
Posted - 09 May 2002 :  10:24:35  Show Profile
Maybe we can convert it to uppercase before search:

Change:

if Instr(SearchName,"M_PASSWORD") Then

To:

Dim strHackCheck
strHackCheck = UCase(SearchName)
if Instr(strHackCheck,"M_PASSWORD") Then

I tried this, and it works.





Edited by - JohNgo33 on 09 May 2002 10:30:13
Go to Top of Page

HandAble.com
Starting Member

15 Posts
Posted - 09 May 2002 :  12:10:27  Show Profile  Visit HandAble.com's Homepage
quote:

Maybe we can convert it to uppercase before search:


Great .. that worked for me, too. Thanks.

----
http://HandAble.com
Go to Top of Page

Morten
Junior Member

Denmark
251 Posts
Posted - 09 May 2002 :  12:55:01  Show Profile
Could somebody please explain excatcly what why the hackers could ever find out from the searchfield on the memberpage. I have dicovered a single user at my site wheile viewing the "Who is Online" that somebody was at a unknown page - if I tryed to reach excactly that page I got an error. The only thing I remember was that "M_USERNAME" or "M_PASSWORD" was part of that particular long path this user was on.

I have changed my forums now with the fix and with the mail-alarm from this topic. Mayby its not so good to post it here but please mail me what I have to look for in my logfiles in the future. Schould I ask all my users to change their passwords ?

Regards
Morten
Go to Top of Page

foo
New Member

52 Posts
Posted - 09 May 2002 :  15:28:07  Show Profile
The HackMod is available at

http://ozroot.com/forums/

Changes:
- no longer case sensitive
- Easier One line install (It's now an include file.)

For those of you looking for the crash code... Sorry, HuwR was right and I'm not going to provide it.



Tim

Go to Top of Page

johngo33
Starting Member

14 Posts
Posted - 09 May 2002 :  16:21:50  Show Profile
Don't crash their browser, redirect them to http://www.******* you.com!

Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 09 May 2002 :  16:30:18  Show Profile
New variation of a word in the Bad Word Filter added. Do Not try to get around the Badword filter. It will only result in your account getting locked.
Go to Top of Page
Page: of 3 Previous Topic Topic Next Topic  
Next Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.19 seconds. Powered By: Snitz Forums 2000 Version 3.4.07