Hackers with a sense of humour, or at least a love of Chinese food

Screen Shot 2014-01-16 at 3.51.46 PM

A client asked me to check into a page on their web site that captures name and address registrations from users. The page is available to the public, and does not included a CAPTCHA. The form entries are saved into a database table, there were many entries clearly submitted by a bot over a period of time. Many of them had the address “3137 Laguna Street, San Francisco”, which presumably was just a piece of junk, the main prize was them adding a bunch of links off to dodgy web sites in a description field.

Out of idle curiosity I Googled the address. It’s a Chinese restaurant!

I bet the Syrian Electronic Army never leaves restaurant recommendations on the sites they attack 🙂

7 thoughts on “Hackers with a sense of humour, or at least a love of Chinese food

  1. Ha! Some spunk-monkey just used the same address when carpet bombing my site with hack attempts. My Google Fu technique brought me to your page. Thanks for posting.

  2. I also has someone attempting to hack our website using this address. They didn’t manage to do anything but create 100 accounts using this address and different usernames that were trying to inject Javascript. Proud to say all attempts failed! Found your post while trying to find out who they might be.

  3. 3137 Laguna Street is the test address data used by Acunetix pen test software. Hackers are probably using a cracked version of that.

  4. Can those annoying injection attempts slow a shopping cart (shop) to a halt where it takes 15 seconds to open every page?

Leave a Reply to Robert Wilson Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s