foo
New Member
52 Posts |
Posted - 08 May 2002 : 04:10:29
|
5/10/2002 - 1.1 available at: http://ozroot.com/forums/
Here is code to print and email (email is untested) the time and IP address of attempted hackers. There's also some optional code to crash their browser if you like. Insert the following code:
if Instr(SearchName,"M_PASSWORD") Then
  strIP = Request.ServerVariables("REMOTE_ADDR")
  strTime = Now()
  strRecipientsName = "Admin"
  strRecipients = "admin@yourdomain.com"
  strFrom = "Hack Patrol"
  strFromName = "Hack Patrol"
  strFromAddress = "HackCheck@yourdomain.com"
  strSubject = "Got One"
  strMessage = strIP & " - " & strTime & vbcrlf
  response.write "<H1>" & strMessage
  response.write "</H1><P>Your IP address and the current time "
  response.write "have been sent to the administrator."
%>
<!--#INCLUDE FILE="inc_mail.asp" -->
<%
  response.end
End If
into members.asp just before the line
srchUName = trim(chkString(Request("UserName"),"SQLString"))
This is in the middle of the security update and should be done after patching your code of course!
Feel free to insert the following code in place of the response.end. I haven't tested it on Netscape but it crashes IE 5 very nicely.
Code removed by HuwR. We are not vindictive; please do not post code which will cause someone else's PC to crash. This makes you as juvenile as the hackers.
Tim Root timr@bluedevils.org
Edited by - foo on 08 May 2002 10:26:48
Edited by - foo on 09 May 2002 15:33:57
Edited by - foo on 10 May 2002 19:29:41 |
|
foo
New Member
52 Posts |
Posted - 08 May 2002 : 10:25:21
|
I can respect that. I wrote the code then decided against using it on my site for that reason. Be the better man and all that. Still, you could easily make a case that it's not juvenile or vindictive to stop them from accessing my site by crashing their browser once they've been identified as someone attempting to break in. Maybe I'll modify this mod to add hacker IP addresses to a blocked list.
-Tim
|
|
|
Steve D.
Average Member
USA
640 Posts |
Posted - 08 May 2002 : 10:33:05
|
Can you explain what this is doing?
---------------------------------------- Badges? We don't need no stinking badges |
|
|
foo
New Member
52 Posts |
Posted - 08 May 2002 : 11:54:42
|
It looks at the search string for someone who is trying to rip off your passwords. If they are, it sends you an email with the time and their IP address and displays a message that the administrator has been informed of the attempted hack.
Tim
P.S. The email code has been tested and works as advertised (I'm just using the existing forum mail code).
Edited by - foo on 08 May 2002 11:56:51 |
|
|
milki
Junior Member
Israel
320 Posts |
Posted - 08 May 2002 : 13:09:11
|
Can you send it to my email?
krembo@012.net.il
And if someone is doing me something wrong I can do this to him! If he is a "hacker" he needs a punishment ...
Edited by - milki on 08 May 2002 13:12:48 |
|
|
T.G.K
Junior Member
Vietnam
347 Posts |
Posted - 08 May 2002 : 13:13:31
|
uhms i want to try it too :)
~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
HandAble.com
Starting Member
15 Posts |
Posted - 08 May 2002 : 14:59:31
|
quote:
if Instr(SearchName,"M_PASSWORD") Then
Instr is case sensitive... I am not fully versed in ASP, is there a case insensitive version of this? ("m_password" would not be trapped by this).
---- http://HandAble.com
|
|
|
nomad_2k
Junior Member
United Kingdom
173 Posts |
Posted - 08 May 2002 : 15:10:59
|
Change it to
if Instr(SearchName,"M_PASSWORD", vbTextCompare) Then
this makes it case insensitive.
Good things come to those who wait. http://www.freeasphost.co.uk/evolution/ |
|
|
HandAble.com
Starting Member
15 Posts |
Posted - 08 May 2002 : 16:18:17
|
quote:
Change it to
if Instr(SearchName,"M_PASSWORD", vbTextCompare) Then
this makes it case insensitive.
Microsoft VBScript runtime error '800a000d'
Type mismatch: 'SearchName'
/forums/members.asp, line 67
---- http://HandAble.com
|
|
|
HarshReality
Junior Member
USA
128 Posts |
Posted - 08 May 2002 : 22:06:14
|
OK, can somebody email me this? I am curious about how this was set up.
Oh what wonders await we the ****ed in exile, for in a single act of rage I have slain what little humanity I have left and all that remains is the beast.... |
|
|
johngo33
Starting Member
14 Posts |
Posted - 09 May 2002 : 10:24:35
|
Maybe we can convert it to uppercase before search:
Change:
if Instr(SearchName,"M_PASSWORD") Then
To:
Dim strHackCheck
strHackCheck = UCase(SearchName)
if Instr(strHackCheck,"M_PASSWORD") Then
I tried this, and it works.
Edited by - JohNgo33 on 09 May 2002 10:30:13 |
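Added example (not from the thread or the HackMod): a case-insensitive check that works with vbTextCompare. InStr requires the start position as its first argument whenever a compare mode is passed, which is why the three-argument call above raised the type mismatch. FindProbeMarker, PROBE_MARKERS and the sample strings are names and values made up for this illustration; the script runs under cscript.exe.

```vbscript
Option Explicit

' Added example, not Snitz or HackMod code. The column names are the two
' mentioned in this thread; extend the list for your own schema.
Dim PROBE_MARKERS
PROBE_MARKERS = Array("M_PASSWORD", "M_USERNAME")

' Returns the first marker found in value (ignoring case), or "" if none.
Function FindProbeMarker(ByVal value)
    Dim marker
    FindProbeMarker = ""
    ' CStr(Null) raises an error, so treat Null as "nothing to check".
    If IsNull(value) Then Exit Function
    value = CStr(value)
    For Each marker In PROBE_MARKERS
        ' The start position (1) is mandatory when a compare mode is given.
        ' InStr(value, marker, vbTextCompare) makes VBScript read value as
        ' the numeric start position: "Type mismatch" (800a000d).
        If InStr(1, value, marker, vbTextCompare) > 0 Then
            FindProbeMarker = marker
            Exit Function
        End If
    Next
End Function

' Constructed sample inputs (not taken from real traffic).
Dim samples, s
samples = Array("smith", "abc m_password xyz", "M_UserName", Null, "")
For Each s In samples
    ' Prints the matched marker for the 2nd and 3rd samples, "" otherwise.
    WScript.Echo "[" & s & "] -> [" & FindProbeMarker(s) & "]"
Next
```

Inside members.asp, call the function on SearchName and replace the WScript.Echo loop with the logging and mail block from the first post.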
|
|
HandAble.com
Starting Member
15 Posts |
Posted - 09 May 2002 : 12:10:27
|
quote:
Maybe we can convert it to uppercase before search:
Great .. that worked for me, too. Thanks.
---- http://HandAble.com
|
|
|
Morten
Junior Member
Denmark
251 Posts |
Posted - 09 May 2002 : 12:55:01
|
Could somebody please explain exactly what the hackers could ever find out from the search field on the member page? I discovered, while viewing the "Who is Online" on my site, that a single user was at an unknown page - if I tried to reach exactly that page I got an error. The only thing I remember was that "M_USERNAME" or "M_PASSWORD" was part of that particular long path this user was on.
I have changed my forums now with the fix and with the mail-alarm from this topic. Maybe it's not so good to post it here, but please mail me what I have to look for in my log files in the future. Should I ask all my users to change their passwords?
Regards Morten
|
|
|
foo
New Member
52 Posts |
Posted - 09 May 2002 : 15:28:07
|
The HackMod is available at
http://ozroot.com/forums/
Changes:
- No longer case sensitive
- Easier one-line install (it's now an include file)
For those of you looking for the crash code... Sorry, HuwR was right and I'm not going to provide it.
Tim
|
|
|
johngo33
Starting Member
14 Posts |
Posted - 09 May 2002 : 16:21:50
|
Don't crash their browser, redirect them to http://www.******* you.com!
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 09 May 2002 : 16:30:18
|
New variation of a word in the Bad Word Filter added. Do Not try to get around the Badword filter. It will only result in your account getting locked. |
|
|