New comment spam hack attempt

  • webdoc

    (@webdoc)


    10 years, 5 months ago

    Hi Folks,
    I got a new form of hack attempt in a comment today. Well, at least it is new to me and my network of blogs.

    I am writing to see if you WordPress devs would like me to send it to you in some fashion so you can see how it works.

    The body of the attack is a lot of character encodes, like this:

    tor success User: obuser Password: obpass'+'\r\n\r\n'

    Let me know…

Viewing 2 replies - 1 through 2 (of 2 total)
  • esmi

    (@esmi)

    10 years, 5 months ago

    We don’t log hack attempts here. Tbh, the only security issues that are of real concern are issues that have been verified as security bugs in WordPress core. Looks like you just had someone trying a new method out and (apparently) failing.

    Thread Starter webdoc

    (@webdoc)

    10 years, 5 months ago

    I guess you can’t escape character entities and have them show up in the forum…

    Also, I found another post about this, so I guess folks already know.

    I thought that perhaps the techniques might reveal a security hole by showing a demonstration of a technique that the attacker thinks will work.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘New comment spam hack attempt’ is closed to new replies.