
Saturday, June 14th, 2008
Someone posted a comment to this blog earlier, looks like they were trying to use SQL injection to beat the spam filters or it may have been a real person trying their luck.
Anyway I find this stuff pretty interesting so I thought I would post the attack, here is what he posted:
Bill883205666′,’928884583billy@msn.com’,”,’10.134.123.1′,’2008-06-14 08:04:27′,’2008-06-14 08:04:27′,”,’0′,’lynx’,’comment’,’0′,’0′),(’0′, ”, ”, ”, ”, ‘2008-06-15 08:04:27′, ‘2008-06-15 08:04:27′, ”, ’spam’, ”, ‘comment’, ‘0′,’0′ ) /* | None | IP: 124.217.227.127
I think it’s pretty clever how he tries to make the SQL post his message with a fake IP address, I’m also really curious why he takes the trouble to add a fake spam comment to the end of the query.
Doing a reverse lookup of the IP address it seems to be someone’s server / hosting with a shared IP from svservers.com. I guess this guy didn’t get his own IP address.
Results
124.217.227.127 resolves to “svservers.com”
Top Level Domain: “svservers.com”
Country IP Address: MALAYSIA
Anyway that’s all for now, if anyone could explain more about what he’s up to I would be really interested to hear it.
Posted by kzar in Security, Hack 
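What a comment shaped like the one quoted above does to an INSERT built by string concatenation, next to the same INSERT with bound parameters. This is an added example, not code from this blog or the software it runs on: the five-column `comments` table, the function names, `REAL_IP` and the shortened payload are assumptions constructed for illustration, and SQLite stands in for whatever database the blog used.

```python
import sqlite3

SCHEMA = "CREATE TABLE comments (author TEXT, email TEXT, ip TEXT, content TEXT, status TEXT)"

# Constructed input in the same shape as the comment quoted in the post:
# it closes the author value, supplies the remaining columns itself
# (including an IP address), opens a second row, and comments out the rest.
PAYLOAD = ("Bill','billy@example.test','10.134.123.1','','pending'),"
           "('','','','','spam') /*")
REAL_IP = "192.0.2.10"  # constructed: the address the server actually saw


def store_concat(db, author, email, ip, content):
    """Before: values are pasted into the SQL text, so quotes in them become syntax."""
    db.execute(
        "INSERT INTO comments (author, email, ip, content, status) "
        "VALUES ('%s', '%s', '%s', '%s', 'pending')" % (author, email, ip, content)
    )


def store_bound(db, author, email, ip, content):
    """After: values are bound as parameters and are never parsed as SQL."""
    db.execute(
        "INSERT INTO comments (author, email, ip, content, status) "
        "VALUES (?, ?, ?, ?, 'pending')",
        (author, email, ip, content),
    )


def run(store):
    """Store one comment whose author field is PAYLOAD; return the rows written."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    store(db, PAYLOAD, "x@example.test", REAL_IP, "hello")
    return db.execute(
        "SELECT author, ip, status FROM comments ORDER BY rowid"
    ).fetchall()


if __name__ == "__main__":
    print("concatenated:", run(store_concat))  # two rows, forged IP in the first
    print("bound:       ", run(store_bound))   # one row, payload kept as plain text
```

With concatenation the server-observed IP never reaches the table because it ends up inside the trailing comment; with bound parameters the whole string is stored as the author name and the real IP is recorded.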

Friday, January 18th, 2008
Just a quick warning to any Linux users who are getting Virgin Media broadband installed.
The welcome website you put your details into when the connection is first hooked up actually checks if you are using Windows / Mac or not. If not you will get this error:
“Incompatible OS or Browser
To set up Virgin Broadband, your computer needs to use a recent version of Windows or Apple Mac OSX and have a compatible Internet Browser. It looks like your computer does not meet these requirements.
For further information please consult your set-up guide or give us a call on 0906 212 1111*.
* Calls cost 25p per minute, with a 10p connection fee from Virgin Media landlines. If you’re calling from a mobile phone, or another network, the charge may vary.”
Anyway the solution is easy, install Tamper Data and under the “Tamper Data - Options” you can update the User-Agent to Internet Explorer or Safari etc. which the website allows.
It’s a stupid check anyway really as to the computer it’s just an ethernet connection so why it would only work on certain operating systems is beyond me!
Posted by kzar in Hack, Linux 

Sunday, October 14th, 2007
I thought I would start off the blog with something hackery.. The other day my friend asked me to help get back into her Myspace account. She had forgotten the old email address she used to sign up to the site.
My mission was to figure out the email and password used, login and then update her email and password to the new ones she can remember. All I had to go on was the rough structure of the email address, she remembered it was a hotmail.co.uk address and the words used.
It was something like two words and a number but she couldn’t remember how it went exactly.. e.g. herbert1wompom@hotmail.co.uk or 1herbertwompom@hotmail.co.uk or herbertwompom1@hotmail.co.uk or something similar. There were a few words and numbers she thought it probably was but she couldn’t remember the exact combination.
Anyway I figured the first step was to figure out what the exact email address was. I used the Myspace advanced search facility and started guessing combinations of the email address until a match was found. Eventually after 20 mins of guessing one of the email addresses linked to her profile so I was half way there.
Next I had to compromise the email account so I started trying to login to her Hotmail account with some of the passwords she thought it might be. After a while I realized that the email account didn’t exist (it must have expired) so I signed up using the appropriate account name to gain access to emails sent to that address.
Lastly all I had to do was go on Myspace and click the “I forgot my password” button and I had everything I needed. I logged into her Myspace profile and was able to update the email and password.
The main thing to remember from this is how powerful the Myspace search is. If I get an email from someone I can instantly search Myspace for a profile with that email address and find out a lot of personal information.
Posted by kzar in Hack 