FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » Bug Reports » Old bug revisited?
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
Old bug revisited? [message #19009] Mon, 21 June 2004 18:39 Go to next message
Marticus   United States
Messages: 272
Registered: June 2002
Karma: 1
Senior Member
I keep receiving email messages from the forum regarding people who have attempted to register for accounts. The admin interface shows similar details to this:

Login: Lancer
E-mail: postmaster(at)blahblahpornsite(dot)com
Name: Lancer
Gender: Unspecified
IP Address: 0.0.0.0

So, I check the apache access logs and find this:

213.24.168.11 - - [21/Jun/2004:08:15:05 -0400] "POST /index.php?t=register HTTP/1.1" 200 401
213.24.168.11 - - [21/Jun/2004:08:15:33 -0400] "POST /index.php?t=register HTTP/1.1" 302 5
213.24.168.11 - - [21/Jun/2004:08:15:34 -0400] "GET /index.php?S=a47613fcf266fc74697dc821ee037bed HTTP/1.1" 200 13579
213.24.168.11 - - [21/Jun/2004:08:15:35 -0400] "GET /lib.js HTTP/1.1" 304 -
213.24.168.11 - - [21/Jun/2004:08:15:36 -0400] "GET /theme/default/forum.css HTTP/1.1" 304 -
213.24.168.11 - - [21/Jun/2004:08:16:12 -0400] "GET /index.php?t=emailconf&conf_key=3da4fc9af93e6a45b2ba8f86e0336008 HTTP/1.1" 302 5
213.24.168.11 - - [21/Jun/2004:08:16:13 -0400] "GET /index.php?t=index& HTTP/1.1" 200 13579
213.24.168.11 - - [21/Jun/2004:08:16:14 -0400] "GET /lib.js HTTP/1.1" 304 -
213.24.168.11 - - [21/Jun/2004:08:16:15 -0400] "GET /theme/default/forum.css HTTP/1.1" 304 -


I found one reference to these log entries in your search:
http://fudforum.org/forum/index.php?t=msg&goto=2553&

Is there an exploint in fud? Will I need to use mod rewrite to block this type of attack?

-Marticus
Re: Old bug revisited? [message #19010 is a reply to message #19009] Mon, 21 June 2004 18:45 Go to previous message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
What is the problem? I see nothing wrong.

The IP of '0.0.0.0' is possible only in these cases:

1) There was no HTTP_X_FORWARDED_FOR ($_SERVER['HTTP_X_FORWARDED_FOR']) header with valid entries and $_SERVER['REMOTE_ADDR'] was empty too.
2) Your PHP does not create/populate $_SERVER superglobal.


FUDforum Core Developer
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: Upgrade problem? (2.6.2 -> 2.6.4)
Next Topic: duplicated message: error trying to edit message file
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 22:46:27 GMT 2024

Total time taken to generate the page: 0.02207 seconds