Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'
Dear sir/madam
I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.
PROVE:
version()=5.5.31-log
db_name: cospa_koets
if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.
Regards Martin from http://www.wwwanalysis.com team
Datalek(ken)
- Cospamedia
- 2 Euro
- Berichten: 192
- Lid geworden op: 14 jun 2014 19:47
Datalek(ken)
CospaMedia: Cashze
-
- 10 Euro
- Berichten: 299
- Lid geworden op: 17 jan 2014 14:44
Re: Datalek(ken)
Ik heb ook zo'n mail ontvangen op 16 januariCospamedia schreef:Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'
Dear sir/madam
I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.
PROVE:
version()=5.5.31-log
db_name: cospa_koets
if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.
Regards Martin from http://www.wwwanalysis.com team
name: WWWAnalysis.com
username:
bquestion_type: IMPORTANT hole in klikduviveltje.nl
message_type: Hi,
I am Martin the specialist web vulnerable analyst from wwwanalysis.com team,
We provide professional web scaning, and security, i am writting to you,
as we have found a hole in your website that allow the 3rd person to take data from
database like usernames,passwords..., that kind of vulnerability allow attacker to take control of whole website.
If you need proofs just contact with us at team@wwwanalysis.com or skype: faneq123.
If you dont need our service we will just walk away and leave it like it is.
We wont damage anything, or change the data, as its not our point. We want just
help your service to improve it and protect user data.
PROVE:
version()=back-end DBMS: MySQL 5.1.62
db_name: klikduivel_gpt
@@hostname: kwhs023.emailmarketinggroep.nl
I just took info about db there is way to get all users/passwords/tables/cofnigs etc.. but i dont want to check that without administrator permission,
if you want more info contact me as soon as posible, that kind of vulnerability is really dangerous
Regards Martin from http://www.wwwanalysis.com team
-------------------------------
Sender Info:
COMPUTER ID:
USERNAME:
IP/PROXY: 217.114.213.133/"';forw - o;"'via;
Frappant is wel dat er vanmiddag iemand heb proberen in te breken op duiveltje
DATE TIME: 01/20/2016 17:35
FAILED PASSWD: vastelaovend
REQUEST: /scripts/admin/index.php
COMPUTER ID:
USERNAME:
SESSION SECURITY: N/A
IP/PROXY: 185.93.181.125/"';oXf - o;"'via;
Groetjes
Nelly
-
- 2 Euro
- Berichten: 166
- Lid geworden op: 22 feb 2014 08:09
Re: Datalek(ken)
Ik krijg zo veel van dit soort mailtjes.
Helaas is mijn Engels vrij. k..... en gooi alles in het buitenlands meteen weg.. Snap het toch nie
Helaas is mijn Engels vrij. k..... en gooi alles in het buitenlands meteen weg.. Snap het toch nie
- Amadee
- 50 Cent
- Berichten: 78
- Lid geworden op: 09 mei 2015 21:15
- Contacteer:
Re: Datalek(ken)
Hier ontvangen i.v.m Meergeldmails maar was bluf, meteen de vuilnisbak in dit soort mailtjes.Cospamedia schreef:Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'
Dear sir/madam
I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.
PROVE:
version()=5.5.31-log
db_name: cospa_koets
if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.
Regards Martin from http://www.wwwanalysis.com team