Comments for Server Hosting and Bandwidth
www.fishforums.net
there's LOTS
of messages...
23 pages of messages by Guest!!
is Guest a forum bot or something
The April FOTM Contest Poll is open!
🏆 Click to vote! 🏆
but...The text looks like SQL statements and console commands. If it is a bot it is not generating text for human consumption, it might be a script trying to find weakness in the system, though the commands don't look entirely right for that either. @dascrow do you know anything about this?
that line is an attempt at blind sql injection. this one waits for a response, and the response time will vary depending on if the site is vulnerable to these types of attacksI know that chat is not a console but everything you write in the chat gets interpreted by the system and gets added to a database. Some of the simpler hacks involve writing SQL statements into user entry fields, if the server processes these as an SQL statement then you can do a lot of different things. Hopefully security is good enough to stop those. There could be other reasons for the statements. "XOR(if(now()=sysdate(),sleep(15),0))XOR" looks like a code line of some sort to me, I am not a web developer but this looks like some trigger after a 15 minute wait.
No matter the cause this kind of information should not be displayed to the users. It could be some test script running.
whew, no more information seeker kids!!This has now been sorted out.