Okay, someone just left a very strange comment (or at least tried to) on the first post I’ve ever made on this blog, dated several months ago. Not sure what exactly this script kiddie was trying to do, but here’s the comment information:
Author : Bill961356476','email@example.com','','220.127.116.11','2008-03-20 00:04:45','2008-03-20 00:04:45','','0','lynx','comment','0','0'),('0', '', '', '', '', '2008-03-21 00:04:45', '2008-03-21 00:04:45', '', 'spam', '', 'comment', '0','0' ) /* (IP: 18.104.22.168 , svservers.com)
URL : http://None
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=22.214.171.124
Looks like some lame SQL injection attempt (notice the emphasis on lame and attempt). Banned the IP they were using, even though it looks to be a proxy based in Malaysia. Let this serve as a reminder to keep your WordPress installation up-to-date and make sure there aren’t any vulnerabilities through active plugins (or even themes) you may have installed.